{"report_id":"7d0e6c4c-3379-439e-ae91-c4b0ff3e1b96","version":6,"status":"done","tags":[],"date":"2026-03-01T05:40:49Z","url":{"schema":"http","addr":"i64cl3er5t.com/?serial=39258\u0026creative_id=142\u0026anid=w7ios18ma296pdlgj5054jfu","fqdn":"i64cl3er5t.com","domain":"i64cl3er5t.com","tld":"com"},"ip":{"addr":"172.67.167.148","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"title":"ЛEОН - Ставки на спорт | Слоты | LIVE Казино","dom":{"size":958,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (576)","md5":"2699f06fe70c1e2cdc631e75b978470a","sha1":"d6d74e6eca8208bc451946faeccdf1487aee3f62","sha256":"f43c7777b67b8319c10cdfd892928e12a616dca09f4ac18e3eceaf26c6b7cd7c","sha512":"04b0396ad11dd3d42a72ce20dbda5efc486e495ec420ea00942604b3a2fd5d532de76c796070943e8808ffaeb5f6bbc42b1566485f2c62da142a7e88db74495a","ssdeep":"","tlshash":"c1112b9460470c2fa22315d960a46f1e6d53816e4acb6804b65e9ae8cfe7c51d41e71c","dom_hash":"domhash1beb86d9e34998cdcdd2ab7dc9ea5ad4","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"i64cl3er5t.com/?serial=39258\u0026creative_id=142\u0026anid=w7ios18ma296pdlgj5054jfu","fqdn":"i64cl3er5t.com","domain":"i64cl3er5t.com","tld":"com"},"ip":{"addr":"172.67.167.148","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-04-05T05:40:49Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":1,"urlquery":0,"analyzer":0}},"detection":{"ids":[{"sensor_name":"suricata","title":"Suricata IDS","description":"Suricata /w Emerging Threats Pro","date":"2026-03-01T05:40:26Z","timestamp":1772343626,"ip_dst":{"addr":"74.125.250.129","port":19302,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"ip_src":{"addr":"Client IP","port":42689,"asn":0,"as":"","country":"","country_code":"zz"},"severity":"low","alert":"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)","source":"{\"timestamp\":\"2026-03-01T05:40:26.774245+0000\",\"flow_id\":1985416568426597,\"in_iface\":\"br-31613a7ed13b\",\"event_type\":\"alert\",\"src_ip\":\"172.18.0.41\",\"src_port\":42689,\"dest_ip\":\"74.125.250.129\",\"dest_port\":19302,\"proto\":\"UDP\",\"alert\":{\"action\":\"allowed\",\"gid\":1,\"signature_id\":2033078,\"rev\":4,\"signature\":\"ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)\",\"category\":\"Misc activity\",\"severity\":3,\"metadata\":{\"confidence\":[\"High\"],\"created_at\":[\"2021_06_03\"],\"deployment\":[\"alert_only\",\"Perimeter\"],\"signature_severity\":[\"Informational\"],\"updated_at\":[\"2023_04_28\"]}},\"app_proto\":\"failed\",\"flow\":{\"pkts_toserver\":1,\"pkts_toclient\":0,\"bytes_toserver\":62,\"bytes_toclient\":0,\"start\":\"2026-03-01T05:40:26.774245+0000\"}}"}],"analyzer":null,"urlquery":null},"summary":[{"fqdn":"www.googletagmanager.com","ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2011-11-11","domain_rank":283,"first_seen":"2012-10-04T01:07:32Z","last_seen":"2026-02-22T22:20:46.526035Z","alert_count":0,"request_count":5,"received_data":955959,"sent_data":3236,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"fonts.gstatic.com","ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2008-02-11","domain_rank":0,"first_seen":"2014-04-02T10:51:04Z","last_seen":"2026-02-22T22:14:59.650342Z","alert_count":0,"request_count":18,"received_data":565314,"sent_data":9737,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pixel-us.r2drtb.com","ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"domain_registered":"2024-07-08","domain_rank":5001008,"first_seen":"2024-07-30T23:22:43Z","last_seen":"2026-02-26T15:36:41.542001Z","alert_count":0,"request_count":4,"received_data":1963,"sent_data":1880,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"i64cl3er5t.com","ip":{"addr":"172.67.167.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2021-12-23","domain_rank":4837675,"first_seen":"2025-10-18T07:34:49.497184Z","last_seen":"2026-02-23T03:35:36.831308Z","alert_count":0,"request_count":1,"received_data":43096,"sent_data":542,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"api-iam.intercom.io","ip":{"addr":"44.193.165.2","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2011-08-15","domain_rank":17818,"first_seen":"2018-08-02T22:07:54Z","last_seen":"2026-02-25T12:02:04.704665Z","alert_count":0,"request_count":3,"received_data":17269,"sent_data":1561,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"js.intercomcdn.com","ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2013-04-25","domain_rank":23692,"first_seen":"2020-02-19T12:43:00Z","last_seen":"2026-02-23T06:23:19.65954Z","alert_count":0,"request_count":11,"received_data":4824362,"sent_data":5031,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"cdnimages2.gcdn.co","ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"domain_registered":"2014-06-11","domain_rank":0,"first_seen":"2023-06-14T13:15:15Z","last_seen":"2026-02-26T15:36:42.061636Z","alert_count":0,"request_count":9,"received_data":416935,"sent_data":4221,"comment":"","tags":null,"fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"cdnimages3.gcdn.co","ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"domain_registered":"2014-06-11","domain_rank":0,"first_seen":"2023-06-14T13:15:15Z","last_seen":"2026-02-26T15:36:42.768152Z","alert_count":0,"request_count":9,"received_data":23299,"sent_data":4218,"comment":"","tags":null,"fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"o237537.ingest.us.sentry.io","ip":{"addr":"34.160.81.0","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"domain_registered":"2012-04-07","domain_rank":0,"first_seen":"2024-10-13T01:40:23.732193Z","last_seen":"2026-02-26T15:36:41.637189Z","alert_count":0,"request_count":3,"received_data":1566,"sent_data":1902,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"d1cr9zxt7u0sgu.cloudfront.net","ip":{"addr":"3.164.247.189","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2008-04-25","domain_rank":0,"first_seen":"2016-05-17T11:07:13Z","last_seen":"2026-02-22T21:06:39.594331Z","alert_count":0,"request_count":1,"received_data":183161,"sent_data":490,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"www.google.no","ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2001-02-26","domain_rank":92680,"first_seen":"2012-06-26T23:22:08Z","last_seen":"2026-02-22T22:26:31.761234Z","alert_count":0,"request_count":1,"received_data":580,"sent_data":761,"comment":"","tags":null,"fingerprints":null},{"fqdn":"widget.intercom.io","ip":{"addr":"108.157.229.107","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2011-08-15","domain_rank":19213,"first_seen":"2020-07-20T12:16:46Z","last_seen":"2026-02-23T03:17:46.755994Z","alert_count":0,"request_count":1,"received_data":8368,"sent_data":417,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}]},{"fqdn":"leon75.bet","ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-02-26T15:36:40.658933Z","last_seen":"2026-02-26T15:36:40.658933Z","alert_count":0,"request_count":35,"received_data":3325549,"sent_data":43080,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"track.liftdsp.com","ip":{"addr":"3.167.2.124","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"domain_registered":"2024-02-13","domain_rank":0,"first_seen":"2025-09-16T05:39:57.442139Z","last_seen":"2026-02-22T15:04:31.622143Z","alert_count":0,"request_count":2,"received_data":10249,"sent_data":2544,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"region1.analytics.google.com","ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"1997-09-15","domain_rank":22257,"first_seen":"2022-03-17T11:26:33Z","last_seen":"2026-02-22T22:34:22.072738Z","alert_count":0,"request_count":3,"received_data":2512,"sent_data":4904,"comment":"","tags":null,"fingerprints":null},{"fqdn":"pool.liftdsp.com","ip":{"addr":"35.206.140.87","port":443,"asn":15169,"as":"GOOGLE","country":"Belgium","country_code":"BE"},"domain_registered":"2024-02-13","domain_rank":0,"first_seen":"2025-09-12T16:56:20.115696Z","last_seen":"2026-02-22T15:04:29.89467Z","alert_count":0,"request_count":2,"received_data":920,"sent_data":1126,"comment":"","tags":null,"fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}]},{"fqdn":"fonts.googleapis.com","ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"domain_registered":"2005-01-25","domain_rank":313,"first_seen":"2012-05-23T12:41:44Z","last_seen":"2026-02-22T22:18:02.864626Z","alert_count":0,"request_count":1,"received_data":76051,"sent_data":900,"comment":"","tags":null,"fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}]},{"fqdn":"ps.l.liftdsp.com","ip":{"addr":"52.84.50.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"domain_registered":"2024-02-13","domain_rank":602474,"first_seen":"2024-10-13T05:47:12.053455Z","last_seen":"2026-02-22T15:04:31.73031Z","alert_count":0,"request_count":1,"received_data":703,"sent_data":465,"comment":"","tags":null,"fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}]},{"fqdn":"5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com","ip":{"addr":"172.66.40.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2017-08-01","domain_rank":0,"first_seen":"2025-02-23T03:47:42.85381Z","last_seen":"2026-02-26T15:36:42.992946Z","alert_count":0,"request_count":1,"received_data":1279,"sent_data":542,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}]},{"fqdn":"mrspeedtime.gcdn.co","ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"domain_registered":"2014-06-11","domain_rank":0,"first_seen":"2021-12-09T07:51:11Z","last_seen":"2026-02-26T15:36:42.200483Z","alert_count":0,"request_count":58,"received_data":8421601,"sent_data":26947,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}]},{"fqdn":"cdn0.match2one.net","ip":{"addr":"172.67.71.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"2018-06-08","domain_rank":743950,"first_seen":"2018-10-09T19:50:01Z","last_seen":"2026-02-28T06:42:56.861529Z","alert_count":0,"request_count":1,"received_data":5859,"sent_data":418,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}]},{"fqdn":"nexus-websocket-a.intercom.io","ip":{"addr":"18.97.36.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"domain_registered":"2011-08-15","domain_rank":9252,"first_seen":"2015-06-26T10:17:57Z","last_seen":"2026-02-25T16:25:04.839667Z","alert_count":0,"request_count":1,"received_data":283,"sent_data":737,"comment":"","tags":null,"fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}]},{"fqdn":"downloads.intercomcdn.com","ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"domain_registered":"2013-04-25","domain_rank":72330,"first_seen":"2017-08-21T12:06:05Z","last_seen":"2026-02-28T04:53:44.255314Z","alert_count":0,"request_count":1,"received_data":0,"sent_data":515,"comment":"","tags":null,"fingerprints":null},{"fqdn":"d2449.cdn-clients.arviol.com","ip":{"addr":"45.155.4.10","port":443,"asn":203755,"as":"Itglobal.com Nl B.v.","country":"The Netherlands","country_code":"NL"},"domain_registered":"2023-08-04","domain_rank":0,"first_seen":"2026-01-05T20:30:33.356965Z","last_seen":"2026-02-26T15:36:41.354662Z","alert_count":0,"request_count":1,"received_data":18448,"sent_data":501,"comment":"","tags":null,"fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f7cf2aa7.d.m.Cn0zlC22.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"b947ef62a7f91df66c383c7f603a51b0","sha1":"54afbe339cf9ad8e4793d3c4e7447cbd1bc7c10d","sha256":"e3b74989ba78a34e873ea7d3e98f3bf9f832584a81de6a23f942862bd7a40857","sha512":"57d2873fe2052ecf8404ce5b2144f76e8b068209ee27c12f593f009e80294d0832fb463c354d5ee365ca6678393d02f0474ab22bbae7dc653ed3be14c448f7a5","ssdeep":"96:kaqcNxpuDF0s/ahcpbjNFpFJRJ3qkdeolh58Q6ud0/bLKCRXxBL:kanx0DGRSpb/pxJ3bdeolh58ad0TemXf","tlshash":"5e9184de76c1b4b997b764e590bb710160291c94701e68e0e12ce6e77e329dfc621f1c","size":4284,"data":"","first_seen":"2025-04-24T07:07:12.664409Z","last_seen":"2026-03-31T00:45:46.22582Z","times_seen":99,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/444dbad9.d.m.COHDy9Qf.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"a0517c72f11103ed464859912922a96a","sha1":"bbd225f4fc02e62620c85627241b0a75276b3bf3","sha256":"c45395687da9b08de31423ae7477024b2f1b8751f1f081192491e39f5ad431ff","sha512":"5b8f8b30d31dae0d32660fc26e31b2a913dd919e8efa3d4432c51c02971526004a35fe58ff6bf96f96cfa369b52204df8e1272b0b0b988143282ebdc300f6411","ssdeep":"","tlshash":"f2e07db5457b6ff29b9a4c74676cf685ab29609137064484600c91095492f93c3ffc67","size":328,"data":"","first_seen":"2026-02-26T15:36:50.591363Z","last_seen":"2026-03-31T00:45:46.151709Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/1788f952.d.m.DfY5zcfv.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"633edfefaa187401ffaaec87b2f3e1d1","sha1":"b66d081eac97ae4f96c94e6d3a6b568ea6d3cc0b","sha256":"a53d97d8684adbd4ec41cdb15b5e45fbb2de47aabe652a54e0f591c32fc80888","sha512":"50476afae9e8c9b6114a33f70a37370721ebf74cb0f0167a3400f2aea36da5daf756676966a108ba16086d2b8b752ad3a3bed260951137a6b3706566fe51a4c0","ssdeep":"384:ZwndR13uJ4p7/Jrz77+CHz8pZ3eTlSN++5Fi75sOHCWqJZQeiAdv7KQlVCeYjEth:KndaKpzVz77+CHz8p0xSNL5FIsOHC5J3","tlshash":"7cb2e6e93282707687e60ae5907b1106f2361dd5384e94d0b12ca9e73c33d9d82bbf6d","size":23637,"data":"","first_seen":"2026-02-26T15:36:50.750654Z","last_seen":"2026-03-01T05:41:07.37383Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"6a01e6f7bce6dbf5d77e90a118c93b0e","sha1":"0dd49694ef9f526b54037573927940d4f49410ee","sha256":"633fe888d0ff0434ff5676b91027d7f70c3af306567d4f1b7d5f30fef585c184","sha512":"bcfd3614437320134d84c7aa5239c54f0ceb14caa75f2bc4199dd14487d248f32638037b41ea918fe8ed8f9d34f18a4dcea0a114499759bfd0d17b70ce2bd228","ssdeep":"","tlshash":"6de028da74110c7570ed05f533b1a11875431108780a5c23ddfdc9142c189c74c134cc","size":341,"data":"","first_seen":"2023-05-07T16:21:54Z","last_seen":"2026-03-29T15:19:13.493938Z","times_seen":114,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"1b104f410e577555bf713d14b3e61cb5","sha1":"5648bba8e164d96ee568ece5fabc7ca82c7629e3","sha256":"1f83c86cadf595b7e55a7e9234b32b6afcb8c724c454a1a959190257e2f36581","sha512":"a692f8417a24c3ca7c87701f1845eafd88e600c7c317c422a3df01954a98bb1a0134cd4e3f0579e07717ed87b203fc7a246aff84e829afb4c911536a1b781309","ssdeep":"","tlshash":"fa1110b93230707dd5a30ac3a5eea746367694144407cce450e4ca4c7764dbd1af2e78","size":949,"data":"","first_seen":"2025-11-14T01:20:21.025653Z","last_seen":"2026-03-29T15:19:13.507196Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~app~tooltips.7381dcf2.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"59e83f996653576d1f9afa15f65f7593","sha1":"0b29890a77ffff04b5fa147a6849aef771f4d04b","sha256":"40340abe841ecc7f8d694ef396b72c8b492abc2b4e529404f37ce73faa077d9e","sha512":"26a5bff4986fd1616855f3d5249d8d4ab1fea24a81a827928f9801c72a33476237673496e1f3736c0d78f8db0303c99180ae310691e80a21058320096787b97d","ssdeep":"6144:sp02n1qyKHtLp0rn1qyKHtXWgFDAIXOfErq1POdoIgPXsBTa6MZ1u3wwoxzWWeFP:P9j9ISdoIgPXsBTa6Ml1a","tlshash":"a715922495a878ed63cf7186908f986e2d6c00338285ee647dd847e727661b63433f7e","size":894194,"data":"","first_seen":"2026-02-11T13:48:43.578109Z","last_seen":"2026-03-09T10:10:03.899433Z","times_seen":997,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f927d477.d.m.D2OUHn8z.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"7f280d99c0cf5954311d1cf8af8185da","sha1":"1a3a7096eabbd628a3dd645e4f276580adad4dae","sha256":"8de8232d730813112edfb364db069d06378a4a1dd2b83248734b082e9d80f872","sha512":"8a3ec8eb36fa8fa6d2e967b19637c9a74d181c0cc80107cd6b79c1a7ce81d85c96662c42a0f0ee7ab20b458fc7a3b0c8de2e782fa98cc33463db7e75d1a1a258","ssdeep":"96:k+Rw54EyJB5k1Ydu1JJGWJhTn4FljEWfKZBy4bdz7naTZ5ToFpjdYNEFErZAZquy:N24tJB4Ydu1PGW7r4FlVSyO9sToFpJan","tlshash":"d9c1d6a9338e76404277147d259e1085b07c6884644d182af5e8f87a3c65caa4fffefe","size":6067,"data":"","first_seen":"2026-02-26T15:36:50.749396Z","last_seen":"2026-03-31T00:45:46.275763Z","times_seen":17,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/94ae4756.d.m.DmZFrEVY.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"bc183fc5af2aa719ee37d4644d455647","sha1":"58c6354a228268cc6307167d6e6c53da31b6c806","sha256":"f3a526b9816aa702df93ed0391a67e289b6bbb427eb35bb304014483ab6b4d5e","sha512":"8e0ad86daf03238848ed4d89f469409ba993e6640deed2b6eecae6d2d335f8f45bacdb760345865ce19f4e5f6edddc89b4e63c1fde940ef4c7904412a908ef25","ssdeep":"1536:RXm/AUZGfkHm2Qp5gZ/W/RH2GtGUQ7ZKJDbPq:R2YMGB2C62PmQJDbPq","tlshash":"567363ca71c2f0a683e76034002f9405f37a1d75a0bc91a4deaac4f9bdfa5195637f29","size":76702,"data":"","first_seen":"2026-02-26T15:36:50.735192Z","last_seen":"2026-03-01T05:41:07.354563Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"f153fa5f0da8bd6f795ffdfb4b234623","sha1":"054c09904724e9c7771ddfdc3596ab32bfdb57c8","sha256":"c15e042f8989af29a0bc0ca34f0d6c7c413f4446bab0648858587f2e0b0c5aed","sha512":"56d92b00020bcd98a608bdfb2a1680b8043b95b2c46550a2bbb89af6f1c0e810658f66715a7bf80813423036701aa497cb3b82644df1af91683789cbd56716fc","ssdeep":"6144:mMvOVJHxMVg5W8fR/nXUBL5uz2opBdrhm:mMOVJmy5WoDdm","tlshash":"cc74a819e7526eeb36b0391e712b27e3603247113f61c2b601d64b393e2f84df2665b6","size":337818,"data":"","first_seen":"2026-02-26T15:36:50.746045Z","last_seen":"2026-03-01T05:41:07.372029Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/3ed1c1c4.d.m.CPHMeYCp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"6560cd4e353503d926aa770a75883570","sha1":"f194ea0779213b45d4def8bbb8e7ce339ee2bff9","sha256":"c9f838a28fb337bd1401886e0ae7f9a57ed2e0692dabce82133d354566cfd8e9","sha512":"12a88c963a6f7d6e46a7c0feaab598815542475b85baf543fe81223802bffabaabbfc76ab50c7e0f90942612a38edf3977183e860b4392547d944d1ebb8e3f9d","ssdeep":"384:aNRbRbsCBQmjArdP/LDbcnxAofaRxncvt825L4RJdh/3WFgBBYxTha65:QRFbssdAR/LPcnxJ+xncvZ5cPD/3WFgG","tlshash":"036208f174ed657043e616e0a07b0106e5e9512830c9c4a0f59fc9ff49eb980aaa7f7e","size":14744,"data":"","first_seen":"2026-02-26T15:36:50.786882Z","last_seen":"2026-03-01T05:41:07.284836Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/launcher-discovery.d1875f8b.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"34aaa9da72969478ed8d2ea582525efd","sha1":"552d3333be48350da31b0a2388211df25528ec3f","sha256":"8af207004942b12e6b94a46e1aeff39c214abbd6a434e0ba9827fe1845462e64","sha512":"955b9ed806d80133f055296cb29905c9b9ac0f7c4fd798c2973fa8ca6f0be703cc1a9c22d830ea771029bde0bbd217dd7e50e30f72ee62ab6fb2ae31bad9e51d","ssdeep":"192:eTmN958T+0h/5TlUci3szx9OcR/uIVdWDteCvYxqL:ORFhjUci3cx9OcR/uIVdWDteCvYxqL","tlshash":"bc12c748f86ef42c92e353a482bf500d237d96a8d41a55fcb865d4e54ffd00c5623f2a","size":9259,"data":"","first_seen":"2026-02-18T11:49:54.344753Z","last_seen":"2026-03-23T07:42:40.202464Z","times_seen":522,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/app.I75bNnF2.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"d32cfc7907bb6d80b5be77d6ad2f8fc5","sha1":"f11dd0cf92ba1d613b98c2190a1df162e5ed4723","sha256":"2fec357092d77027493d3795234ad9618f368821e39a41ba883057a95f0f31ed","sha512":"4464fdedd9a590eae63de5d59b261c567e566b6528a6a8f671054689cce0f81260148e288970629d04421da86af7479bf97f7cc9d4b90f6f4ce4c8b1968acd28","ssdeep":"","tlshash":"67316609639295354aa514fd815f3721b3119fa1317dc6e1e0bc7c6a3db1813ca2bfe2","size":1866,"data":"","first_seen":"2026-02-26T15:36:50.75582Z","last_seen":"2026-03-01T05:41:07.333776Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/6449d237.d.m.B76ytd41.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"6bb8d55f4c09d7207c3f0610a33fc067","sha1":"00c9bfe2de5acbab74808e2a7379b5da6f0ae039","sha256":"0d591f7741d7485727ce57951a6642ac52988a43e9bece0f6f981fc8fe49ef7e","sha512":"e7ded559ffe65f34fcdeb1fea810574738d6d39b3d93c13e0fb95ec10127ffec03d951622ba9e63ad929e3e867944cba18988489d68ad726ecadedeab283995c","ssdeep":"","tlshash":"8c5130c035f17a61966b2af3c53f012bf57a1895fb0e5482b816edd97834032a35fd89","size":2571,"data":"","first_seen":"2026-02-26T15:36:50.604063Z","last_seen":"2026-03-01T05:41:07.316582Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cd13807f26fb83c3cf49e6e584bd94f","sha1":"934a9dfc7ea43f71794d377e265a06eb37a35d91","sha256":"87940c9f822580ffa29879a8c872c7b382e20df1ba8adc4af28958fa208e0e82","sha512":"c0d5ad65daabf703169dd6eace7c83012371f6274cbbfd403f706d6cc0b0a3257f165a93f0be591822e2ac990676cf8bef85ba6651b48340e28a3a08133b46f7","ssdeep":"","tlshash":"68c08c09fa2020313223870876f5894153204f3128e2c1fa41bd22a23e27bdea1dbb4c","size":160,"data":"","first_seen":"2026-02-28T15:40:00.807186Z","last_seen":"2026-03-14T07:22:16.835164Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"3e80b62b63584e93c1b5fe707284ad9f","sha1":"55cacdc637d5eb4d13274e71b10ba838aa2d0cae","sha256":"46a589027f497a9cc9e75c6a18e0324d933370fd5282ebdaa98f5083ca9eb7f1","sha512":"a08e2735f864922a8ad05f6c4355b4bc9cfadd3405e9048bc9df98b7361c739434cde61fa216631d3a6fd10145c14fcd7f8e1eb09a407b07d56ecd2b55992d17","ssdeep":"3072:dpsacLVJ7lQAIToVpH7RrfIY/RfuRgmsSBbo0ftRIN3xMi8:6jplrbRn+bjftRo8","tlshash":"9064e58d72f86bb5458370f1b63e1932b270e013340c4d993d9d22959fa6618eee6fb4","size":334047,"data":"","first_seen":"2026-02-26T15:36:50.590224Z","last_seen":"2026-03-01T05:41:07.298181Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/d1f76d1e.d.m.Doz6eonD.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"6ad8d58c5f41b59772324dee886d8c58","sha1":"236a0c9de368717b68ba5e18dd07f5ab2720c8c1","sha256":"2b41c98e6be27b9e8b48716ae8306f774fa303b6b9a1e488cb6724e048a538ff","sha512":"24fbbc9be4af27f99463c3932ca58b519b7db2e02bae8ca29f69eda78ee7a4061b209ca48c6b0524d02c87ed408558f9bd3a50514ed631f4f33727741e0ce7a6","ssdeep":"","tlshash":"e771f9af7fb9e536418286f2b03d72459234915c7025c46061acafca3a67fe05db1f0d","size":3743,"data":"","first_seen":"2026-02-26T15:36:50.776882Z","last_seen":"2026-03-01T05:41:07.368458Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/171e0e51.d.m.xz1lIgn4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"66ba9517997f2a1808479c60f4aae99e","sha1":"28dd521e26138cf99b52cf6e41b8dcdc43097377","sha256":"5c9cb9045751f00bbc0bbd5a6cb62242d151908524361cc058ec52e5c77b03cd","sha512":"ea1d6c00125267ea318a4b8a41d99d3a3d40d1077b23f14dffff69458014adcd3033cabfbdb0994c54dc012877504dee62eb647a90dcaeeecb667743ef49882a","ssdeep":"768:8y7QHHdKPVd3GcR602tiBBV8OmojgACvUWk/1WbFws5pSGf0lNu6ur2:MKPVhpEK8OmPAgwTu6G2","tlshash":"e3c23be66353e1b28b7b41ca50770182e21446e4f44884f0b9fe986e36ea892d356f3d","size":28038,"data":"","first_seen":"2026-02-26T15:36:50.638341Z","last_seen":"2026-03-01T05:41:07.329329Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/fd767157.d.m.CANN4s_5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"5627e8349b7a7b0f754c7e852ce249f1","sha1":"b23c9d3ceea82aacf039e25bcec471c885bfc881","sha256":"5498d78c07fb2b49ccd247c3e074030acf86ff12e32bce7a8f0326bea1b698f3","sha512":"ca77e653c0b37fec263b14aa23dc96bcd5ba602f6443b6f3ed6734307943aba6f61bd3b3789827b93136658cb973292db0d6781828179e0be750e8aad259714c","ssdeep":"384:6AuOqKfvmAmiq7bWXgWE20ASWe4bNuKOJkmB0vufoXoGmGFjO5Ath0e4iXW1dGkn:6BEvmAmh7bwHU8Xgn0GWoPGFjDzaJ3","tlshash":"55f281c472d9f5e14393aa74803f910bf23a7c71145ca154e322eae57cb865a91b3f3a","size":36532,"data":"","first_seen":"2026-02-26T15:36:50.70844Z","last_seen":"2026-03-08T14:14:44.165706Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC\u0026cx=c\u0026gtm=4e62p1h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"22a61eaf1fb843af6c500686d7cabbff","sha1":"a0c91a0f9171a6319a60ca09b62cbd79678e58d1","sha256":"ef54601676ce64acb225e54cc0ce457c059fa1ae48100722f4664e7aa347fe45","sha512":"114969aec54a575ea5694c96ab8fbe845d10da51ab27b3bd91d68ad0ae802762d625048eb815b786ff7a227309ac5f03c98e2ed0eae7b072bbd8e0d3b05ba13d","ssdeep":"6144:tEk83dcl+c8oKTLvGRL8XZtTzWEzXJDlzRila5FryllFP4:n8+l+c8oKPsL8Pil69yt4","tlshash":"ae9419ceb3d674225396f478503f018ba57b68a2b48cc899f189cce42d7469a4277f7c","size":423062,"data":"","first_seen":"2026-03-01T05:41:07.272114Z","last_seen":"2026-03-01T05:41:07.272114Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/vite-plugin-import-retry.dca3f5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ff04ff64f41edcfe0a5706200f38f11e","sha1":"77e4fd5c51c8f69f421918cd91c20358747dd473","sha256":"dca3f558d8b551db233a488f512c5180ee9db08c320ce1c1492ec74160f5a5cc","sha512":"18b1313067f46bdefed5d478c9a35c83b90285b11bb53056aed6d988335c36f2eb4a6062aad119e94257bf3502eed86fe13e933eef062db8aaa21d595e966cef","ssdeep":"","tlshash":"de7142d93ac3b56c63737479803f5446bb6a2810f2884d61d9acd3d27d2ae46c227df0","size":3484,"data":"","first_seen":"2025-02-07T04:57:00.571763Z","last_seen":"2026-03-31T00:45:46.186865Z","times_seen":157,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.intercom.io/widget/cnjqphyx","fqdn":"widget.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"108.157.229.107","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"af854a90f951ac3fdfc51ddf4cd29fff","sha1":"9c670db542ad54eadfc050ac081b19954d8e82b1","sha256":"2aaef6906303d5768036d6551ee3495dc3544fd7e978ec6136af87283eeff38e","sha512":"6c70751b79eac82b77d6e9b47fbac5f956d7a38c9137a8b5b6e4a6348a19d5250cbae1a24bce0649f3a7c2b18072e62c79e9a899df1317317b800fd4f10a7ee1","ssdeep":"96:v2NH8/xVRyhsXtpZ8HEZgOM09SP0FfpsEZU2jWzfDsJeiMw938I5Zv1JVqUP:v2YVNCH8bMFOaEbjWMMiZ935pqUP","tlshash":"3ff175feb682793806631576623b770c7e3b654528494890d066c8cc7a7adcbc12bfad","size":7614,"data":"","first_seen":"2026-02-28T18:53:26.780583Z","last_seen":"2026-03-01T08:51:11.116199Z","times_seen":42,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"4a8616c9bd90acd3fad8ea3b3930dde8","sha1":"10877f5f344cf78c144022ade2d6bb221bcf0456","sha256":"54c3636be6e332f6624b39036d80f9d0f7999389908a4583c00cfed5df8498dd","sha512":"ca9cb8d06e80da5422ceb73a81367300f6848fef9c68e3c995d251a0e31f5c558f4d5ea97da1c2810ee68ff9f1a8bc107c26518ae2bf4903b49509f9a1e04209","ssdeep":"1536:7fpN8uD6NeoG0aWr9dn/BN/r/9cZPK1wlUEk7c8hbS0NHa6HYwnOI:zGmWr9dL6ZPK1oUVc8hbS0N664XI","tlshash":"b17329f933a2b57393ee11e6407b0406f3ae68da284d045cb195e9df3a7445840ebfb9","size":78918,"data":"","first_seen":"2026-02-26T15:36:50.781567Z","last_seen":"2026-03-01T05:41:07.33914Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f611dcc0.d.m.DcDVP0x5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"93324d0d8a837dd12bd59d339215d47d","sha1":"20d5df564e767b7386706e0d7e6f517cc2030e73","sha256":"f0cc3b3e04a6d8cbc9db97932c8c9980a851338bce36e83b78885021b6893212","sha512":"331905efc6c9b1a4a5a03837067a761fe215badd2f50bd6c70429ba270f5e9347b5cc480020da96ec4c5d8b4e4d967de712d29adc771df41997c29f5c634ab9b","ssdeep":"192:kXl/6ZpOIWZt7IIZpOItZt7IBgs8NsCbyB3MQumu9ACSCkHCSC2RCtCiCVC7CNCs:mCe/FvsOyB3MQtu9qDj","tlshash":"d132349dff6860b204939855826c70c3c5ad94a0a2352fd1940d1ebafe9f561633fc7e","size":11786,"data":"","first_seen":"2026-02-26T15:36:50.733705Z","last_seen":"2026-03-01T05:41:07.299978Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/bdddc725.d.m.CbaoAvak.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4f50ab4bf71c1e0599ee1a112ad1b96e","sha1":"b10366e0a4a2b4e766ed541d791f936757469047","sha256":"7390da77fbc02ccf8e430bd67f2f52f2a2e03e25d0cb3f56ad3c269b767588de","sha512":"456dc692e6a5653c4e2f22b7616bc8ea7f2e1e9a20ded561c13af57b46a4c4753c5744c0900a6648950c21dbb9259a5658159fcf401baa140fa251e86cf545c1","ssdeep":"768:JIqYS24IJKuqaVS+1oK/WbE4JVNfphlffYzKr5RU2mkU:JxYS2zg3aV5/EEUh5LW","tlshash":"cfa39d982654ed6421b6be82c809d541f4cc4a16fbf8f8e2f75bdd8c154198e33a0fa7","size":102084,"data":"","first_seen":"2026-02-26T15:36:50.593664Z","last_seen":"2026-03-01T05:41:07.302931Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel/js?auth=d796s9\u0026event=regstarted","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"902879accbae1a6e7d4023179a5f5582","sha1":"eb32502a93060cafa892ed9a96689b5a356ed9cf","sha256":"5e077e267743c2a25ba1b85e6cd184c4fd8a9b42a9f077a73f9458cb1ebadc16","sha512":"705c2a0551187db0135f284c4489f46c47095ec831453ed3808eb49f8825de7d2aea554b98f75063485499ccdbbccddfbaec839d0f8a33cf414fbeb1c62b8890","ssdeep":"","tlshash":"17e0ca6d572d7503937620937f71635d243541fd3d0058951c4c9d14289aecffd27c50","size":370,"data":"","first_seen":"2026-02-26T15:36:50.794922Z","last_seen":"2026-03-14T07:22:16.720919Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendor.50747ce4.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5ab510430734bf0eb7f416a75d470eb6","sha1":"f4e17dbe6b3da8182919d17f5125a64ceeff5b35","sha256":"551045f351338a32ba76ada3140ea011c6dd201761285f2a765b7386fd5789f1","sha512":"3367fb7df279b6d9912870d7724d119651e9348c31175eb46bc4f09d6baf09962b76976711b752a010b1263a65a24417faccf05ad6e0747467bae400ae9e218d","ssdeep":"6144:pv6LzOcnDn6/01m3aLpqrOEG7I03kic/CBXttCXrJhOo7ifE:t6LzOgoaLGF1nCBXttCbB","tlshash":"55b418dd7591b4a207f312f2407f180bb379296a284c4460f664e8dd78f994da23bf6e","size":519396,"data":"","first_seen":"2026-02-13T14:59:23.726375Z","last_seen":"2026-03-04T15:07:43.896905Z","times_seen":1936,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"0fa6eb4e79b82e92e8155380248fb564","sha1":"ff11ba954fb8dc413dfc11ad4f92464a79a76d1a","sha256":"44fcf2c1c5ef33165e2d48630e347cd49946e8abab15538a1b22c98dac30f5ac","sha512":"7fcaf7c7e4d9045d10e7deab37112285a9a6f8af7b2664aa3463edfa6791fc5b0d49e913a34c24ee761773da938b201c0c1758b390c783b35ba55590e8ede131","ssdeep":"","tlshash":"a8a0222280c0080000f0300280033b03230b002c3c8838838080080ea820023200ffb3","size":64,"data":"","first_seen":"2023-07-08T17:48:52Z","last_seen":"2026-03-29T15:19:13.495016Z","times_seen":90,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/rollup.d.m.DiW8JAql.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"729c48d8490150392538492adb6a0aac","sha1":"5e9420cf8abcbd7d1bd583bbe43c6854981066c0","sha256":"95303c90db5e107a7dd5079170d2dc7b74c6c1f0fb9b65e9b97429408e3e2e79","sha512":"47dfa25b8049647e15d9f7450a3993c2affa178ee5203d21f65f7072d435c7e6cfa985de0388692b5729c86fc701f2144f2924657b3278f92847a4bff7fe1345","ssdeep":"","tlshash":"0461d7d531e0e57212aa1ce9f077b202f27435a234dde4c0e21c8cb56a5accdb155e6e","size":3456,"data":"","first_seen":"2025-10-09T22:05:52.437865Z","last_seen":"2026-03-31T00:45:46.189008Z","times_seen":78,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/eda0a406.d.m.DtohOhMp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"17254bb957af303509597b0b856eedd5","sha1":"062e171c630f4ea76f5c97ac8e9ff7a0b4c41579","sha256":"7a1f977010619685125c16c179cae2c598cc9f3534965c67b494c48617b6b044","sha512":"cd72a1fc42c7db46c94fa513d15e730a992db793596e9ba63e3330cc5ca16dd43f1530d33286c27f3d01ae5b609c2c9f247801bc4a30ab3be5eb8e45c3284846","ssdeep":"768:k+ovhCB7Vsfjo7U9qoWuERqNPNMGkNmw+Eokqss4erb9W6zkwgDBjVZK:kBUfooqNtZQoaI","tlshash":"7dc2f9c1329272b1834684f2e6320253e33a65547806a8bd79bd75db79c1d87ab73bf0","size":25756,"data":"","first_seen":"2026-02-26T15:36:50.685699Z","last_seen":"2026-03-01T05:41:07.304451Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/dd2143ca.d.m.BDaCtZJN.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"173016191c06704eef04f03986b14bdd","sha1":"9c12772a51df61ebaef02952023c16c464dfca3a","sha256":"b23a26c77610197fcf71c118bb19b4f0f67403cf25eb4c0048c42ba0da66f91f","sha512":"d63d4789357a1eb484c142e89df23fbfc84fd32ac94d52555cca9d00f7aed910d9769993db3e918d1357ad54785f4caab085ef42d9949560340a8afaf1f63212","ssdeep":"768:4hpsMqKvydWIthUY7jwhgmNX5DrjWHQyfgJ8IfhoVkjpWBknQAY68uAgKud+et5d:440yRbYVfh7WBknQL61PHd+ejJm8","tlshash":"b05380cd76d2b0a583a3a034402f940af33e2d55a84dc558f5bbc4d5bcba819863bf6d","size":64383,"data":"","first_seen":"2026-02-26T15:36:50.678293Z","last_seen":"2026-03-08T14:14:44.173037Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/7ad78725.d.m.D7LCyb2h.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"969b7f3cf77427401b505f78f673830b","sha1":"1659a078169c9903199f0d2ec3a7ba307aab00b0","sha256":"ba08a5c7947f421cb11d3b70f2aa11ebfad24fd466640846dbc0b8bf8a2c8384","sha512":"87632125be7cad53a35b11814d90652a9d755c97d6fd57d7a039f7346659b5b25b63adaf7b4a1941a0428dadbcdf615551fc8f61f5a80bf48d85e6ca423a4b4e","ssdeep":"192:+LPgkrNwcZi4GJYNS05E0jxtzoqNm//yMGphfWyE/K3nEH8eglO61s/qK0UBlGYR:egkrN7GJIN1jrsZGmyE/4nDNxcX9N","tlshash":"77728455e2858c312253caea41b42940f20ecd551269d6a5b6fcd9fddab1c2fe03e3ac","size":16045,"data":"","first_seen":"2026-02-26T15:36:50.669506Z","last_seen":"2026-03-01T05:41:07.348198Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~app.c3a12efc.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"279799a16941055b394bac4c7ab17a1d","sha1":"f286943e94a4673685d18469356ca8763ce54223","sha256":"2c70ca80aec82316eb61dbed39b3f765db05b53ffbb7b4d908de25948cb6cdaa","sha512":"206a0344038bdc9198477e3a9f6a74d99ddb9764049dad874554a61959c99398def943416605ba1f0fd9df930581f7ed161480f407c13e6aefb8ea8ad7abebbf","ssdeep":"6144:nxY9lstwDG7qD/v+W/BxbjKuOOc+1o/ibMZyWowsQgaH3nWSL8/w:nS2wDd/BxbuuOJ+1o/ibMZyfws63WSmw","tlshash":"b8c419c5b6e1f4b24b9750e2543b1007f33a4d5c206d90a4b368d5dbb8ec58e62b6b3e","size":566393,"data":"","first_seen":"2026-01-19T13:06:26.444508Z","last_seen":"2026-03-18T08:48:13.838954Z","times_seen":2025,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"b9f3573e588c6451c3a6f203115bdedd","sha1":"f8141a5216d66a6b098d093f36f0fb3abf73e8a9","sha256":"b6feba255ebf539f8599376fab8880b1f0693df812172aa37933622c6c72e1ea","sha512":"2fb9f972f0c0d45fd2b495b1b436b2d27d22dd82dc26738efe162efc7f40912f9a247f15dd46a254347f157e391399e6c261a45c62c2f5df60258711853c8c85","ssdeep":"","tlshash":"bae06149b0b4537fe66692d0f60177553f15492194891d77600e2d59304e38211c0d1c","size":375,"data":"","first_seen":"2026-03-01T05:41:07.37915Z","last_seen":"2026-03-01T05:41:07.37915Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1c32793.d.m.DN-8eFVP.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"f4c8beb847bec8b32080fbe0465ad2b1","sha1":"9908c3906420d1855735d9aaaf8eec2413f1a64b","sha256":"1804b35bee04688257b2ee5b062af180ec65278dbb4b7e7bc1e8409dadb1b720","sha512":"b89e8eb5632cd7762259ee9fd1d7110d9f5eefa37a9a91c7d8bdc96fb71c48a4a73b4ac0cacc2cb334630ca63426a7fed881e31eebc8ec55014af17d9f5a3f20","ssdeep":"1536:vQBzCBghYNXKX7+U2XnfpB1kAX99rCU11iygQlqt8N4IB3bZz:IhRh0nfpB1kANeQlqCN/z","tlshash":"85d3a55b56442cfb4a700e2e5b6a76f862334c94fe52c03391bbab3d3f6b106f11a195","size":137728,"data":"","first_seen":"2026-02-26T15:36:50.616873Z","last_seen":"2026-03-01T05:41:07.29888Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/510c96b3.d.m.B3GUEaEv.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"6119d8704e7b249ebab9ea70435f918a","sha1":"6022432d505351227ad61ec8734c5a53196cb545","sha256":"4e3bf72f8745aba5d05b27f50c4af834972627433c823b4434ae580a46058c48","sha512":"74931ee1a4274d9b32c56f5de08a633cad18d04f2461f9d68512374e939266568b55a30751a1ba413a9a1331cfae8cd9e327697f5ec5b52043144cc74ec83059","ssdeep":"6144:9+bVwWKqWa4Eb6MxVibG+Va4oeEtv2z4W+ARwzb7t3aUmWA:9+hPKS4Eb6+QjVa44u4W+AyzHt3aUmp","tlshash":"19744c5872a27238e7fa50b9502b054173740f40341ae8f8f16dae6979a1c0dd7bbdbe","size":344042,"data":"","first_seen":"2026-02-26T15:36:50.765949Z","last_seen":"2026-03-01T05:41:07.315904Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=5a0ef96fd84066141eb932d11ca5b39bb17a78cb\u0026TYPE=JS\u0026DE=1\u0026AUTO=0","fqdn":"d1cr9zxt7u0sgu.cloudfront.net","domain":"d1cr9zxt7u0sgu.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.164.247.189","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"0b91077d0eea71289900b82439e0f098","sha1":"d129f02ebf9f0579e6ae7d0193c31b72bf9a3a8b","sha256":"19671cd169b8256b899b4406963bb6e47e81534c9bb9841ff21cc7a3417f5c7b","sha512":"4761bed806fd413c1347deb991fbc8c872a39326dfef7c1acda30472f5e7cc3f1733e75f69890128e3e24d4af8ed7239ae58a5ffab44c2587990f12bbb0025c8","ssdeep":"3072:qEzujzd82s/OnqHKc/yHT6ERokLBa4wWnkxcxtujMDmdk4LHBseQztbtHdGTHSWH:qEzujBhjTa4RkxcxUjAmdk8QtbmTHS4","tlshash":"0904c5507bc0694963875f7b762bf5d4e45a0e7e3c844d8bc148bc58ab66223fbe0a31","size":182704,"data":"","first_seen":"2025-09-23T18:58:11.287136Z","last_seen":"2026-04-02T09:36:05.663821Z","times_seen":79,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/50305e4a.d.m.nx7HPMT4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"6ac6bd297bfbf1c6f6b2c179f56967d0","sha1":"e5574dd765bc00a0f1d4730c413ff7e8c2db735b","sha256":"9e566e32fb30c2ca197b85d6f073a67697c6d4e97865f8a7f4d0e016a056df6a","sha512":"7026d8c7eea8234412d35a2131d025ae8b6ef27c7f9712b092d54b2c5faeeb92b1506c3c7c71fa83da827a8e3d972480df54674af0c6f1fdf93988dce3c28076","ssdeep":"","tlshash":"6511054ea8909df649046decc02a0070d66b05eaf328959b30ef157b576e971c12ea93","size":1073,"data":"","first_seen":"2026-02-26T15:36:50.680705Z","last_seen":"2026-03-01T05:41:07.366049Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"de67a6c6aaaf800dd47099cb738c73da","sha1":"dbfad2730311def8f2720b5a8e0a669d09d41d0d","sha256":"acf908b14f29165de87dbc1c3ec37b7f04935cb917921ec280b8c4e3ab7af31b","sha512":"0c50673ce74683ef2377c054805c7438a18d6da1c60a37f0e157c2eb635800ff904104b5b4de7c96474c3cdada07b8f63c3e31b1e9a8293d76440c65872360f7","ssdeep":"","tlshash":"07f0270e9cc507a457f810c453bbff1df29f210c985d8665c3c68892761af9798363e8","size":484,"data":"","first_seen":"2023-12-10T15:49:15Z","last_seen":"2026-03-29T15:19:13.506535Z","times_seen":111,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c81b8bfbc13920cc2f8c6c1341b83c3e","sha1":"55d1ac014dfa2a8235ac677b41a4c858a8a9078e","sha256":"6d52e968db5fbb4e73f7847bc926ebc4c5a9133f24c7f3e88fa17fe3fa70ed64","sha512":"ae7f515ab3e59b350ba615c344a17a7f8916442900574e5f58a04ec122d5f29c1046e56b15c536c3d62a39cfbf29e2fe78fe9fb1668ceaba6960810b58d14c08","ssdeep":"","tlshash":"2c70000200208888a0ac2238eba808c002a020a3288080008030ac000c00a080800308","size":25,"data":"","first_seen":"2025-11-15T07:52:07.141082Z","last_seen":"2026-04-04T14:23:33.475079Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel/js?auth=4jg3s6\u0026event=visit\u0026uid=\u0026p3=undefined\u0026p4=","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"introduction_type":"scriptElement","is_inline":false,"md5":"34661bed3d02c3ca84ff0fcb188516e3","sha1":"96cb189c3903862a93b58124a3a8f638a035b61c","sha256":"86b9a87224dedbeabd3767e9c7554ae29717a9eb7133be23addf231d6acb57b2","sha512":"8ce4348596237e3aaba893aea829bc4e6684caeef09e6294099a0720825ec173464f7d2e82c247106ca462ef31d51ccd0330e7f8c616fc6a690291f61e938554","ssdeep":"","tlshash":"a0e0f16e432db502e2a920937f31260c3431c1ff3b00c8c50c4c5d14288af9bfa39c54","size":387,"data":"","first_seen":"2026-02-26T15:36:50.744806Z","last_seen":"2026-03-28T03:46:07.88586Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/017fc061.d.m.6jXZaT8y.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"7473a31f3263453185cf557250b29f38","sha1":"6a2e1eedc05dfb2ac61a4abd81de3e6f5a2c9ca2","sha256":"103b46bfd5001eac175c1419c8f8d2aaf9b5a44ab3d596c54ca14a8a57c0435d","sha512":"df3f21abd0ab7e701f43cf7aeb68cc4eaa3f45f6d3e5c560cbe8f6f21dff2c0bd167e5483b5d27d9d4300a2ba23c5b1b13401db2f28eca788b89cf3e0254b1f4","ssdeep":"768:I61/QVoeEHTg+ZgrhbGeLJ880mec4R40wNNBLJrlB83prxApCp/UwBDneQDvpy/Y:nzmp7QA/BPWUY","tlshash":"c903fa8877f3b52757d744ea50371003f6298a08784e8068f26cd9df7e9680696bbf39","size":41130,"data":"","first_seen":"2026-02-26T15:36:50.671476Z","last_seen":"2026-03-08T14:14:44.19034Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"4570f21bc689ef7948cd5e825dfc6b53","sha1":"e85a73f74a405f858ab181eee1d1355c2fc79c7d","sha256":"76cdccbcb5ae9183e9019eed34ede1cd017c6383a91a7359bf2842b62fa87cd1","sha512":"c33321ce454c7ee9d59a2d06e809f99c97f4a89ef2272770d9ceec35b9c6a75c7b484121fb12be60e534e6f651f4510cb3db213456b172246c6676cc5fcc48e7","ssdeep":"1536:vdmJ88SSSGwlF5m8/cha/wroeQnq8vrIOHmvDB3IcHiuAT+KAEheXb2WQtx:8JKSGLh/c4/wr/OnT+KdheXb2WQtx","tlshash":"ce933b9d36997439837b41bdd13b0801a32a0e85b41885d1f1fedeae1eda811d3b7e1d","size":90109,"data":"","first_seen":"2026-02-26T15:36:50.760318Z","last_seen":"2026-03-01T05:41:07.324736Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/fc6a7b48.d.m.DOc8Mx96.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"20619cf11d293e11659c8a24db7a6e58","sha1":"7f11484d826f718140938466063e8031030fc5d9","sha256":"25bb3ef5025be8c8baf6bf1f82718ef46bc293918c78bd3e78a3e5f8f54a8f43","sha512":"646000872b6718daf80cf9ca665af347d89c0bf38f14cbcbda9b7e7326df546b7276e36a72d9cec73bb56aa77443a460693192b24091230cc40f00e2dda7c7d4","ssdeep":"1536:qmBFJ/syhY6fn9T5pyuPXGWjdNcMGE+m5e1iAmilaPUCd0KbZhsCv:qmBXET6fh58uPGEdpGE+m5vs80KbZhP","tlshash":"90831909f4054dffd6a7c219e81a0081e5a80b9571a85f41b6ff0d3f6bd98a067a738f","size":87175,"data":"","first_seen":"2026-02-26T15:36:50.684865Z","last_seen":"2026-03-01T05:41:07.295169Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"5cd13807f26fb83c3cf49e6e584bd94f","sha1":"934a9dfc7ea43f71794d377e265a06eb37a35d91","sha256":"87940c9f822580ffa29879a8c872c7b382e20df1ba8adc4af28958fa208e0e82","sha512":"c0d5ad65daabf703169dd6eace7c83012371f6274cbbfd403f706d6cc0b0a3257f165a93f0be591822e2ac990676cf8bef85ba6651b48340e28a3a08133b46f7","ssdeep":"","tlshash":"68c08c09fa2020313223870876f5894153204f3128e2c1fa41bd22a23e27bdea1dbb4c","size":160,"data":"","first_seen":"2026-02-28T15:40:00.807186Z","last_seen":"2026-03-14T07:22:16.835164Z","times_seen":12,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn0.match2one.net/tracking/m2oe.js","fqdn":"cdn0.match2one.net","domain":"match2one.net","tld":"net"},"ip":{"addr":"172.67.71.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"scriptElement","is_inline":false,"md5":"76401bdbcf3ea72cd04aa2d225f6bccf","sha1":"dbc688e11aa8d9f93346a4821feaf3dbec553154","sha256":"a9420087b1c4f37a5887f4c27a8a83a758932a1a62fb5a37c082db5ce00afb09","sha512":"96523727c305ffcb97058d6156fe3c97158979bffd0c9cb980085a39ae326a102c1ed8fc7cdb4ab101d082bc391216ff4bca98fcef59c8d98a8e2607ce90fa84","ssdeep":"96:uSwHeEvVaoXsMiCMw7I3iCa6ejkhdfB+mRRKyRpVGtSu:Wt8CMw72iCGjkhbHRR5VGtSu","tlshash":"1ea12f1936fb62b304eb64694b8f2031713c579b305a89007d5cbf101fabc659a9bfa8","size":5052,"data":"","first_seen":"2025-11-12T23:10:11.563014Z","last_seen":"2026-04-04T14:23:33.261591Z","times_seen":367,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/app~tooltips.9d96e376.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"027290e5b29850c6edab6deaced04fe2","sha1":"638a9bcf5020089ced54119504078e10fb76b335","sha256":"65e8e0eb4e7e184b67004e2464fbef6d9ed3612bb202fbe4c45bae35faefb476","sha512":"ac8dade28c292a99630846700417fbc95d0a9b6ffbd50af87d2f425280fef3aabb8a6236684c3370ad9ebfdd25d9b91c4dd34a273cfbe3173856aa9f3d46b030","ssdeep":"6144:yQcoky2V9zpjHqUoPJWQlqIpQjvHtczansruUp4Jkp38Dz:+qUoPJWQlqlvHtczansruQ4JQ3yz","tlshash":"17643cd8b1c6b429f3675128407f140e733e7651f80d4594f66ee8e4e8aa1ca9223fde","size":324243,"data":"","first_seen":"2026-02-26T15:36:50.588738Z","last_seen":"2026-03-01T14:57:00.384274Z","times_seen":72,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"51e25e46cbd82caecc019aa2b9b65cff","sha1":"2dc9e59e61bd7ab967354aeb65da69166e3a785f","sha256":"2a4696b2d23db48779024dc162820ceacf049a4ddab5794634163b23ea2d4b0a","sha512":"074cbbbcef185392ff79a438c19fc74c5f5067fb737c4e7469a888d51f8ecfc73c9fb7b7c5e0205a817db7b9444e7025390296e45df34e26fd5d417d04d58fc1","ssdeep":"","tlshash":"56416d2f35f1102241a3b17d0b9bd25173338303584eee983e5c13557f969aa89a6f9c","size":2065,"data":"","first_seen":"2026-02-26T15:36:50.82389Z","last_seen":"2026-03-01T05:41:07.381027Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/4e25ffb2.d.m.dHLnw-58.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"eec812664988c33047428d43327c26c8","sha1":"112e9314babab0ade8acb892668c22bb5872fb46","sha256":"43cdf9882055daeef19044d8909b25140614a15063e0f204e03f20c038c3e3e1","sha512":"ef809b1eb6f8acb17f9c5ba71193a5ee7093bfa4cb11c2894761756f0d9353c44bfdd7b22d28cefb80a2ac2e9133db8d68217caef7e023f15af840482056b1b4","ssdeep":"","tlshash":"a7f0c9ccb2c2b869026700b9803f985ee63a79903acf8090d50a90746e7041a8233e2e","size":512,"data":"","first_seen":"2026-02-26T15:36:50.783339Z","last_seen":"2026-03-01T05:41:07.355412Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1fca7f1.d.m.BZM33g_E.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"ebde2d39f138a42baa20b276bfd63fae","sha1":"116843f5a885a77c9f2ba259e9e23d1fd045dc02","sha256":"35b26c3e85d5472fa3cb91ddcfa727d44b843b651bdc033fda887ae732e75317","sha512":"e81ee8c2932550539af19077a06bc6b2bfdfd46ffe171793b73efcedbd3d986482dc4537d266c629a665c6f15a2971294ab176c03b298147dd4d2fecac6882cb","ssdeep":"","tlshash":"a841ddcb738498329b57d9acae1f6f72287ff246451ac2a84158f1f015820ddc05af2d","size":1926,"data":"","first_seen":"2026-02-26T15:36:50.677605Z","last_seen":"2026-03-08T14:14:44.244184Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f0836975.d.m.B-jDnhKB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"3da233b38fddad39247c6bd3e9a098f6","sha1":"cd5508cd687ff411d567a65e6311982ccb88d7ee","sha256":"ca28c00b2e4527bc8b7f80c0b909a5a754e2577b01e3cc991d3bf27ca2c33ee8","sha512":"136f2d40b3c4a18690f8549028bc8a5e4139a1ecdef583a7b5bbedb403a7ad73cfd0024fa409162b0a3b7d28a5fc9384738fad20728e98d8c300eb86261ade48","ssdeep":"3072:I8NbFH3qLe5FEwSwXwOlczFAaugR6iVHcVHl2po3y5HL9QYl3tx4C4JdErZ4O5Lh:pLFDgOuFRDV8/2pA/s","tlshash":"6d244ba4738ab43547c451a4902e1b22f17a9c6a645cd018faedcef61fb8446637ef3c","size":224135,"data":"","first_seen":"2026-02-26T15:36:50.774113Z","last_seen":"2026-03-01T05:41:07.357759Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/d1610888.d.m.BOZMQuK3.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"20b93657e81f925235ab54b56d6c8b03","sha1":"6b72786a21dbd464c861b1f043e9c97ca2a8cd0b","sha256":"d59deed8f4df56066be0110a0331219a5c6bfe4077fbc097e50380432e3b3ec3","sha512":"8b7b4d4d0e042b1d52b998640d711609eba77269228ef2ed934fc4d4c9beb54e7330c55610e92509094bee83e1c2fa149b66c1afe7ffe4fdd2457d1800b1fda2","ssdeep":"12288:PHgzdDVx/MfP/045ZaCIwBZ4qWp67h7Y6Ud5bCzjd4yQYdwg/dv2LC5154Uy0:PHgRZx/Mfk45nIwBZ4qWp67h7Y6Ud5b6","tlshash":"76d46b997151343547b640ac806f050ab33a2a2e685dd8acf26df5ef29adc48317ff78","size":611025,"data":"","first_seen":"2026-02-26T15:36:50.637061Z","last_seen":"2026-03-01T05:41:07.325557Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/frame.7b630468.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5fbd73401b2d331ddaf07ade9bcd1db5","sha1":"a26f12ba89796e05a3dc63ebbefaf98ef0662832","sha256":"d897d0e55bee3ed484986df313c5deaee53df02a231dfe69ed391c27f859d014","sha512":"ceb885f8d96959169357ef4bdd81b4705777af9b11e38012e17a78b4515a5ff57200efd315866506dfc529dfe418168ed614d1b26a29822b5e00785840ff48df","ssdeep":"12288:wiCSeXM5xorZQ+fRnlPGdaTEZBsaNuu8wi2yw0Aau1:tQNblPGgisaPau1","tlshash":"1e45b5ccb2d2f06a43976575812f200bf33ea996b54d8050e629e8d1bcb958d9237f7c","size":1164568,"data":"","first_seen":"2026-02-28T18:53:26.833427Z","last_seen":"2026-03-01T08:51:11.130022Z","times_seen":36,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/ba8af1f8.d.m.VUq491aJ.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"763f5748cb8de1ff18f23bc4bf1ed472","sha1":"af677b45c05f46ed8e511b6ccf4858ec2de68ce1","sha256":"17a9dcd3dd8578dc751ee088728516ffa6c8535022462ab5029dd09d7052002c","sha512":"7a650f50e7f54ba94192525ba54c051a59135008b0b4ade793e6334836e8303371c84fa6045eeeb5cb11dd6eebabc06df07b1caba54ba0d42aea9d4f36fd2d8e","ssdeep":"3072:ULwZR9YYnU+3hyAIRGyBcl8oJBTEV3V5fRk:ULwZR9YYUIyAIRGacge","tlshash":"37d3e5c872e2f06283e22470002f440af27e6d69949cd494f6a9d4f53df995e8637f6e","size":130226,"data":"","first_seen":"2026-02-26T15:36:50.709985Z","last_seen":"2026-03-01T05:41:07.328394Z","times_seen":5,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c81b8bfbc13920cc2f8c6c1341b83c3e","sha1":"55d1ac014dfa2a8235ac677b41a4c858a8a9078e","sha256":"6d52e968db5fbb4e73f7847bc926ebc4c5a9133f24c7f3e88fa17fe3fa70ed64","sha512":"ae7f515ab3e59b350ba615c344a17a7f8916442900574e5f58a04ec122d5f29c1046e56b15c536c3d62a39cfbf29e2fe78fe9fb1668ceaba6960810b58d14c08","ssdeep":"","tlshash":"2c70000200208888a0ac2238eba808c002a020a3288080008030ac000c00a080800308","size":25,"data":"","first_seen":"2025-11-15T07:52:07.141082Z","last_seen":"2026-04-04T14:23:33.475079Z","times_seen":287,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"3adfa8495ba4ce1069ed0edd879074e4","sha1":"cdd4266b28518f1e3b6a5ea897f4e11a11fc00c6","sha256":"83f13796b2dd1a1758be5b80b069e720eaaf22ac1488bb3e68d7f2809ddb6296","sha512":"5d3afa4adc15bf2328ae36a4e7f859409924e555ba6d7cb2eaca25c2be4f62d64f2dca8fcbba162edb1ce383ac36648cd52b181180cfc8165569ddcd2a230437","ssdeep":"","tlshash":"36b0120865e2b82e06edb06513bb6f15b516d5531c1d5652b44806afbfa1013d83c7f7","size":104,"data":"","first_seen":"2025-04-24T07:07:12.841775Z","last_seen":"2026-03-31T00:45:46.296227Z","times_seen":147,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/86620776.d.m.CID0CXav.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"5602db64f6f371dc3ad9af75452efc41","sha1":"03d6824dc8fb259e5b8f78964a340642bcd435e5","sha256":"43220932fdb02480653d634dd5602a04aab36492ec648d198debf2a2dbafc08f","sha512":"8b9fd6977bb3d468d066119bea729fa0afb1e8b81027e867ccd88a335afd6345f65f0e4ebbdf89dfb4ba7597daa644365f9bc65c14dff289584d88e7228c39ce","ssdeep":"","tlshash":"5481968db1d170b9d33604e0c02705d9422a576872b2adeaa0af56339a48c68f3ff567","size":3988,"data":"","first_seen":"2026-02-26T15:36:50.770851Z","last_seen":"2026-03-01T05:41:07.349164Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/71c69379.d.m.aWyPCXM4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ee2e29a72d0fce3890f8cb615f28478a","sha1":"534099a9a7020724e9c6dc3b775f27653b5cf773","sha256":"dda9ff0fbba426b2b4d72b6996e95809cf56b688149eddeec4b158c826de7232","sha512":"a2fb98bc167acb901287a2dcdbd89922a434a7589b2244e8d18bc2fd6e4c5f753f7959a753f53237905e270fc819c872ae6e470826fea000e442e43d83f09128","ssdeep":"96:KFdyU4MS/X0uGz1OtEIts0uGz1OlsUx/dwvuGz1/5MvQrPbMeqwKLPU:KFdyUS/U1QgU1ypDU164rJqw+8","tlshash":"d0a1e78d3c7e98709bef984fe1690c19de2d0fa215558e8194bf04b727bbc40d213827","size":4658,"data":"","first_seen":"2026-02-26T15:36:50.660594Z","last_seen":"2026-03-01T05:41:07.332624Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"027ae8b32946f8b19dff4705889fcd0a","sha1":"e85eda88598d6c6a4842eab16936ad303d70ef7a","sha256":"ffe489baa45ee4d7c556f35503a851a88e871264ba03986984dbe4994bfd1d4a","sha512":"f741593d4d0ac532d68e871ec77353fadc7f423679917731aabcccf430e8e5b50a78038720bfda509d8ac2b59b81ab4693ad08271821e928fde073e488727313","ssdeep":"6144:RFgtTEalk8+dcHcMoXTLvGd8XZCTzWEzXJDlzqilmo5nborP:tH+HcMoXPs8Nil9nbkP","tlshash":"6cb4f98e73d4b87ac3a65524643f060a663d20e2b14c9590f0d9ccd42e7997972a3fbf","size":529435,"data":"","first_seen":"2026-03-01T05:41:07.351216Z","last_seen":"2026-03-01T05:41:07.351216Z","times_seen":1,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"631036c478b6a0b0aaa7d71707779f0f","sha1":"94053f2e94b305e3dda29c04d3ce22346a8336cf","sha256":"0c390ae44fb3e39f9e23de7e61857f53e78be006a2c17cfcd0e583d073fa3762","sha512":"a62202769c20f2ed1686a8fa7c619fc9ae2cf0c3cf33ba268f901422dcce0f910f1ced698eba91c9348863f385c16e9bfa4392c3e220c1fa7d589750fd35a8f4","ssdeep":"","tlshash":"c3f00255790b513d47a3607047ffc20b2827a0a711c1c849d916c8b81fe5ac8c59fbef","size":625,"data":"","first_seen":"2024-03-29T05:33:40Z","last_seen":"2026-03-29T15:19:13.502083Z","times_seen":118,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/app.6bbc76b4.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"ccbb7764345264d557dfa18e23244255","sha1":"4d8091ea14c387ce440a81d027b60fd7b0f963ab","sha256":"ea93235ec303b61ba5d9a24600ee1056f2c99797d51a4d59403199d209005b88","sha512":"1ce4b26827d7bb748627b8a044d705b4421654eb2611ed6e0101d36020ff428cc62bb1ef79b1bbe86877f1bb9894af9b566f7b09183e3c2ab9d6e5de7c9234e5","ssdeep":"6144:/Bg2REkvRgCRrMounJFryWCzC8Czrz7Ca0c3ldNqCFi/duBA5q2aqvgKRrcuSa5s:/Bg2RnRgCNOnzrCvc3bbMlvaqgKHAg2","tlshash":"8e35fac8f1d6b4289763a574407f100ef23fa949f58e4054f62ae9d5ac7d08de223fa9","size":1118398,"data":"","first_seen":"2026-02-28T18:59:38.453441Z","last_seen":"2026-03-01T08:36:40.689507Z","times_seen":14,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/65c7eb77.d.m.CyU81GPp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"94c93374b42bff5f26f3a34ea2a87ad6","sha1":"5e054b529cf3c700778621da0f48ccc9118df064","sha256":"ffed4d59c3f7f26c22e09e873b88b73a7fe5068821384713a935e94edf533ace","sha512":"adbee56cc4cb3dce3fa89aeff8848aae95e0b6b1de4b7b9db8ddf7b9d9f89107bedc520d179d55a1012d317027d3a5c1189566309894397c4970bd97fdafdf9e","ssdeep":"","tlshash":"aa5140ccbbfba07026a508e58197b007b3bfe985717d5052f02c55b27a5349f91ab90f","size":2481,"data":"","first_seen":"2026-02-26T15:36:50.802105Z","last_seen":"2026-03-01T05:41:07.358629Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/c7016086.d.m.B95bN3MA.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"952a970e6cb65c7f5f81ffbe2e407c37","sha1":"010df53790d74f09f12a84d1c544c0b4377d464a","sha256":"6d3c933ffe12068ff6f4afa5ec3d44cb9829f662005ef9ac6d40ef2127df9bb7","sha512":"4bc0253824499de28ad4cc866350902ef238a9d8d3ec4c579186db26831882481114208050a49caea3e633b6553f3c14621a2490d0e5006b6529440df346847b","ssdeep":"384:dxtL7YoplhKdhsOT3NqWEBI8YALo3lcS++VHYLIaGPfWwj1qXqYU5P9tlIgg/UJu:dxtL7PD4hsy312IhALo3aS++FwIaGPfC","tlshash":"bf72a4e93183b53553eaa9e7403b010af33c3944344f9494f6aeaac63d7651352b3e7a","size":16135,"data":"","first_seen":"2026-02-26T15:36:50.730644Z","last_seen":"2026-03-08T14:14:44.227827Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1c6617b.d.m.BPk3a0gK.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"f8d82ccda059c352ab446facf8976938","sha1":"2722dd4477620b944a2bed7ce8d3f4ae27663da1","sha256":"98873f3be20f37c6aaf013c0653526805a25c8e267ae03a9ae2e859e9934efb0","sha512":"da7a4731b31ec3a1663f47ed73f32e394ea3c2f9cfd383d4b729f7d02ec1c588be9571ab94576ae7df9f83759d49f5aabb60d60853e334d7048ff4a0ea683451","ssdeep":"3072:z0NfKGJvEvGdrSaV67dmcgUxHtA8WAUA4Ic/5/WLODYoCIDIinUVDAlwn3Qd5f9c:zqfKGJvEvGdrSaV67dmcgUxHtAFAUA48","tlshash":"1fc33a89bd41607ac7674ece827a1800732d1f92e1598891f17b8fff257a8149377b2e","size":122316,"data":"","first_seen":"2026-02-26T15:36:50.808846Z","last_seen":"2026-03-01T05:41:07.335495Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"5a56e623158dbfcf5853375bd8308664","sha1":"547e1dff805f86167550b015cc623b60116612d1","sha256":"9501eede310c3d02294cb1481653d19be86207e5e18667ee7859562cee0b95d8","sha512":"3ddb81be33c8de942b8b8397cb626dd6d38f13f66d703a7c5998c9a83d6cacbebf60f3b8d6a81658197aca43ac13f05d52b14a69d984ca9c2e1bd3d6cd9758ed","ssdeep":"3072:glPCf2+Xb0xeLKOBlv4LyFMME3VF99l/yAj6CUVZ0XjGU2/i:glq90wL7BlDFHuF9T9j6CUVkjF2/i","tlshash":"905419d931d6713353e60aa590bb0102f7355a90344e81a8f52cd9ef3dba44aa2b7f3d","size":285362,"data":"","first_seen":"2026-02-26T15:36:50.681992Z","last_seen":"2026-03-08T14:14:44.155141Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/17ff6b76.d.m.D2Kkw9n1.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"scriptElement","is_inline":false,"md5":"eb83e258cad95b044c6b6cb1aa73ce48","sha1":"7b54058fa5cafa75dd09bba20e6aa00827c6e267","sha256":"f19e2f626213025c1e335d00018e03c59d8894f974c352fd5ee3a2aa56bedc5b","sha512":"32feb5c5462c41d04916425aa47e4ffb61a03f497411ca196bdc0f2c9cecc61acdff98ec67e506d36614a24d4d2e6806bc1f187088b45036c0e86ca2536968c5","ssdeep":"","tlshash":"8d4183b9b190e0384339c4ade47391d4ab3a5760b3b6c8e1d05e256d0ab8cc6c275ecb","size":2372,"data":"","first_seen":"2026-02-26T15:36:50.683783Z","last_seen":"2026-03-01T05:41:07.327008Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"c47542f5453b926ee31b84dcec583f01","sha1":"a98be511b95f998eb3f3524eb98351da0283f769","sha256":"215c51760bb486283b7da84887bc192f3dd0697ca55556af3c570222488767fb","sha512":"c57b1e4a0e522dd714f5eddf1c2c2e851d03d3055b0590f37d3de8e9168962660adf38639779650ee2246ed322d79609e64dc253ae5eab3baaf94a670abd6a6f","ssdeep":"","tlshash":"a0f0c01360937471cf3368b8271f4365d99b406f89d25869f7bf8412af35e4460abc1c","size":571,"data":"","first_seen":"2025-11-15T07:52:07.145608Z","last_seen":"2026-03-29T15:19:13.505302Z","times_seen":41,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.liftdsp.com/smartpixel.js?pixel_id=154038\u0026json_id=ac786b28-283a-4d76-a40b-23e03f94ae14\u0026diagnostics=false","fqdn":"track.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"3.167.2.124","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"5517675f9e392d7c5baca5af98c92978","sha1":"c49ee358790d8abbc9bf0ddca8b5f13cda76cefc","sha256":"f99ce8d5465ef03457f6c7e763c45c41be2589474f81584231aabf2bbcd6129a","sha512":"ed892354ad19e6ac018cc29c921fbb216555cc321746044403eaa6c109528641e74a5cc1d73479a2d7603d8bdda39f32db8243ec03cab0452ac683f5caadda89","ssdeep":"192:e0lMRIbStVAmfKmb6ayb5dIhbel2dYszxasGDqPYwgRb4EYhbO:e0OFtVBfKmXyb5d2al2nzxq6YCI","tlshash":"1c12f858117a043942b519fab2bd52645133d328748f94c0b2ad4e59b891ea332fbffc","size":9327,"data":"","first_seen":"2025-11-22T06:10:35.149138Z","last_seen":"2026-03-16T18:10:31.536165Z","times_seen":342,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~locale-ru-json.9a007ed9.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"c658d874c32d1a6a32b0fe49aa84492d","sha1":"a798587666880aa1887376c0e8c53b69b4042a98","sha256":"ad0ad35ed3d39719683c25177438eac3d59e1fc8ed38bda9fbdd8d6cd52bbb38","sha512":"db4cc311bead624c48c3887482521c4fca99561942df9fa27769cc4389ef186b98f3458c8d990bf79a241c121bb6f98f7b568655dafecb8998eb266174fb598e","ssdeep":"3072:L9Br/fmoQP+2LHC4bJt6SeiUQKXlWyTbAWfPkcPzPGWIdVRY/SMDkgvW5P4W97JB:L95/fmoQPni4bJt6SeiUQKXlWAbzPkcu","tlshash":"92b3de64595da8ea0206b06bcc087e0a7ffa45ff3fd6935129b46d3e35e6160c13e70a","size":112498,"data":"","first_seen":"2026-02-14T18:25:30.030738Z","last_seen":"2026-03-01T05:41:07.384571Z","times_seen":7,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"introduction_type":"scriptElement","is_inline":true,"md5":"cc9d7cd7d6626a410e73d099737951f3","sha1":"6f3b23cb137a9f0fadfd9abcf76c0356cffbf545","sha256":"23eed609fecb1fa5ddc8646ac9b0cf0c49a76a5e7ebee2dc79f8b630d4b5abe3","sha512":"cadd23dd355914f7cf21d371130643a7f42901934ce4e3eb94c3dc3167134105a23ab450730a2c06920fc1eeff3f23e4d20379ecb57ed3d6ea0b4e82d5d628c3","ssdeep":"","tlshash":"3b01f42a7ca470b0547370ba5bbba144223632030804d6a43eaca7161f3a9ae9dd3b48","size":664,"data":"","first_seen":"2025-11-29T08:32:41.821293Z","last_seen":"2026-03-31T00:45:46.297194Z","times_seen":38,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/769087b8.d.m.ITzlo9tB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"a97b2ac14757f4188da0ec0ef2783734","sha1":"f609d1ed485daf753a305a91c8cf30f8aa82a2ba","sha256":"1ce54bfd9a8ef9a74e095ff20438dd261ed146d5bd74ba3db0714760b55690c3","sha512":"c85cfe94e20f8fd9a422a0b6b5be3eac8966046a92fa141f0cd12d63cf62bf5f3d24a69f538527689a25c0b439e0c5728e414292481ff01d099680605d26b4f9","ssdeep":"192:AULK5rHvInYEbNRMNVLAi2JVWUwTwqjkW6JLRvpsJY:NOPInYeNRMLAi2KUwTwqjkW6RRxsJY","tlshash":"d912c5cd73d1fa7252a6a9a5203fa006bb7f66a9681c4420d14dd4c13e7588fc933fad","size":9548,"data":"","first_seen":"2026-02-26T15:36:50.748248Z","last_seen":"2026-03-08T14:14:44.173525Z","times_seen":13,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/faffda3d.d.m.n-3WgiQB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"introduction_type":"importedModule","is_inline":false,"md5":"694a3ca1afafe429e128667f7a9a8168","sha1":"10249eb08ccf20906fa9bd0f214106f6e3b058c6","sha256":"71ef09064e25a1fd3014687107b694371ee6bf9a72be670edbfcfa858ce2576b","sha512":"08e7f8fcfe40a13df522109b47a9832a4eb774c6e5e1a470069e846fe159b58946643fbb513b9ca7b2f8c0078012faebc84301de45fa29bb7f666731b81d21dd","ssdeep":"98304:G+7LKy28vtqpMGBtU1RHqPvJE1G7OuFUT/SJJbtrjd7Bh2vVA+:G+7LKKtYBtU1RHqPvJE+d7n2vVv","tlshash":"bb066c46b55924b9c3f36445e05b2400a7780b86f2e488c1f9fd8e2f1ba9d78533bb5b","size":3821214,"data":"","first_seen":"2026-02-26T15:36:50.812248Z","last_seen":"2026-03-01T05:41:07.386515Z","times_seen":4,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"be6808b734a8226f932ccbed46abd4c3","sha1":"e99369c89962018d66d6d9d6ab2e044957a72c83","sha256":"e906c2f60e55c9f55751ee306c0c8d68f1b4b5dafadbdfba9f866b116b01c299","sha512":"8eb79da7d960c77acedc69726b2d30bf7aa2db055bc89869c0309e8f07bf9df2d76d9f2a3c2314c7fb27dda571c8bab56ec2dfd518710e7159c5fd42b75f01fc","ssdeep":"","tlshash":"b3f0970e9cc503a043f800c483bbff1df29f210c881c8264c3c78882760aa9398323e8","size":487,"data":"","first_seen":"2023-11-07T14:36:47Z","last_seen":"2026-03-29T15:19:13.501559Z","times_seen":115,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~sentry~app.6ffaf6b6.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"introduction_type":"scriptElement","is_inline":false,"md5":"043179025e75b3f210655e32ee0f1a9f","sha1":"368ad62b6af595cede271e7ac4140106ef780284","sha256":"9b03ca1d1601cfaad1efabd6cc84f753eed5273a8746779df06f479bc2190075","sha512":"bab8a9ca8bfbd122f5febe5f793238d0ef40ccfdc2f223de2cab77c157421f7ce45f1c682abdca68466a45bea4705d1be8d21be78a64b46b409ce7123265227d","ssdeep":"1536:cAy1BQKh4+lC4el5txG+u0JnbrpxyR7+hlPp:cAy1Jhm1l0Lan5xy0","tlshash":"0d73a2c9b1d2b02053eb19a5903b410ae77a5994300b8490f67cddde7eba15ee273f2d","size":79172,"data":"","first_seen":"2025-12-12T19:24:48.741414Z","last_seen":"2026-04-04T14:28:08.445978Z","times_seen":3796,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":[{"md5":"fe364450e1391215f596d043488f989f","sha1":"d1848aa7b5cfd853609db178070771ad67d351e9","sha256":"c77e5168dffda66b8dc13f1425b4d3630a6656a3e5acf707f4393277ba3c8b5e","sha512":"2b11cd287b8fae7a046f160bee092e22c6db19d38b17888aed6f98f5c3e936a46766fb1e947ecc0cc5964548474b7866eb60a71587a04f1af8f816df8afa221e","ssdeep":"","tlshash":"54600088282020000000228008802020000203e02002020020c020202aa02280800200","size":15,"data":"","first_seen":"2023-03-07T01:02:47Z","last_seen":"2026-04-04T14:50:17.505894Z","times_seen":62958,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]},"http":[{"url":{"schema":"https","addr":"leon75.bet/favicon.ico","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.287Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: image/x-icon\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: W/\"699d821c-47e\"\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1150,"size_decoded":0,"mime_type":"image/x-icon","magic":"MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel","md5":"64de7da7635492586554d0f6d496ad86","sha1":"c8db566c07e86c484dfeeacb9c509616f68af64e","sha256":"e8ceb48efc3ae43c8756f9d57267ddbf0676c1951cacb0928b7d4e538e40688d","sha512":"ba4309f5d30b4b6e34d8c5da4427338168d7b34e10884e77ca36cf35275a0754e4d51dbbd764418bffae5137170ded83da5e5ec538341381bd37bd740fd3967b","ssdeep":"","tlshash":"5b218c1234618c68cc580930ceffd7b2baa67cd4220b12f266f1bf7b3870340461a601","first_seen":"2023-12-12T16:38:31Z","last_seen":"2026-03-29T15:19:13.331537Z","times_seen":277,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.liftdsp.com/smartpixel.js?pixel_id=154038\u0026json_id=ac786b28-283a-4d76-a40b-23e03f94ae14\u0026diagnostics=false","fqdn":"track.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"3.167.2.124","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.590Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.liftdsp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 25 Jul 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:18:52:8D:E1:26:95:D7:DB:15:DF:B9:09:C9:C3:C0:77:05:A0:CA","sha256":"73:B8:80:92:8F:BE:DE:B0:39:0F:83:CA:C8:55:E1:16:99:75:C0:B1:4B:73:FD:83:54:F0:AC:CA:65:35:39:40"}}},"request":{"raw":"GET /smartpixel.js?pixel_id=154038\u0026json_id=ac786b28-283a-4d76-a40b-23e03f94ae14\u0026diagnostics=false HTTP/1.1\r\nHost: track.liftdsp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Fri, 30 Jan 2026 13:11:06 GMT\r\ncontent-encoding: br\r\nserver: nginx/1.28.1\r\nx-powered-by: Express\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\ncache-control: public, max-age=0\r\netag: W/\"246f-19c0f075a10\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: qkPqjUWtguO1ZPLuvHaLSIMNCjTcbAQF366HHi4022dsHMldKJrMVQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":9327,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (9284)","md5":"5517675f9e392d7c5baca5af98c92978","sha1":"c49ee358790d8abbc9bf0ddca8b5f13cda76cefc","sha256":"f99ce8d5465ef03457f6c7e763c45c41be2589474f81584231aabf2bbcd6129a","sha512":"ed892354ad19e6ac018cc29c921fbb216555cc321746044403eaa6c109528641e74a5cc1d73479a2d7603d8bdda39f32db8243ec03cab0452ac683f5caadda89","ssdeep":"192:e0lMRIbStVAmfKmb6ayb5dIhbel2dYszxasGDqPYwgRb4EYhbO:e0OFtVBfKmXyb5d2al2nzxq6YCI","tlshash":"1c12f858117a043942b519fab2bd52645133d328748f94c0b2ad4e59b891ea332fbffc","first_seen":"2025-11-22T06:10:35.149138Z","last_seen":"2026-03-16T18:10:31.536165Z","times_seen":342,"resource_available":true,"data":null}},"time_used":151,"timings":{"blocked":61,"dns":56,"connect":1,"send":0,"wait":23,"receive":0,"ssl":6},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/images/typing-indicator-dots-dark.b4911cf33eaefdefd295.webp","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:39.698Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /images/typing-indicator-dots-dark.b4911cf33eaefdefd295.webp HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 13110\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nlast-modified: Wed, 25 Feb 2026 22:34:15 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: OWcLnj0ayRKpubEZm1IsTzTkAyG4ORYB\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 03:46:13 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"4a2b68bad9e72ae6e95cbd8b5c8d89be\"\r\nvary: accept-encoding, Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2d4ccfc38ee1229022124d55e34be376.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\ncross-origin-resource-policy: cross-origin\r\nage: 6867\r\nx-content-type-options: nosniff\r\nx-amz-cf-id: nKrKIHnH0r3vDhesuKxMM9XmaI_ToeYB7qoo3484HKfg2zjZ1MZ3Lg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":13110,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"4a2b68bad9e72ae6e95cbd8b5c8d89be","sha1":"a03675fb458c08042e996913ee2b0f1304015f19","sha256":"a33b1882b4052fa0f099caea48a19c4d49b088bf370c013b042bdbd723304956","sha512":"766424656fc3636cfdfac75854466b8408e633fce962473fc1d8c966fa72308f6e3f0162d4b2021e399e9695d3d0ee93f8d6c9689a793f6e0bdc5f86262badfd","ssdeep":"384:3C9X27RBsApvv8/10SEc0qPZbRY8GuQiD2ifu7:3C9iRSOvo0dc0OYZjif4","tlshash":"71429fdb1782b919e1232df94ed196e509032de61a0b5fbc50cbe0b70091d99ff16eac","first_seen":"2025-07-01T17:19:57.239392Z","last_seen":"2026-04-04T14:28:08.407683Z","times_seen":6570,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/14-1.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/14-1.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1835\r\ntraceparent: 00-9bd8ab9c48a0aec96fbdd3e1b861554e-5b2d3c5bc5855b23-01\r\nlast-modified: Thu, 10 Nov 2022 08:56:37 GMT\r\netag: \"72b-5ed19f3710083\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1835,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"14b00be227614dfab6b05117b1075f67","sha1":"601af27e64258c473b07ade1f6e034f4bf96b3e5","sha256":"09ba1ce09df6e07f4b2994c18d0c7d12380a528eec8872cb231be5dc24af7e53","sha512":"2edde045af366cc5e10c32f5cc7758767a815b528019870f2c1c935ceeb8e5e4c920187752396d31a3e52983955441b02803358d643472132c407fe851ea4f80","ssdeep":"","tlshash":"c83122d4336d53b8970af3666e2061937e1241e5ff84d670c7582e4f79054ae4d89ec8","first_seen":"2025-07-09T00:32:09.402299Z","last_seen":"2026-03-01T05:41:07.271564Z","times_seen":5,"resource_available":false,"data":null}},"time_used":292,"timings":{"blocked":49,"dns":0,"connect":0,"send":0,"wait":242,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC\u0026cx=c\u0026gtm=4e62p1h1","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.473Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtag/js?id=G-JZZNGY93CC\u0026cx=c\u0026gtm=4e62p1h1 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: br\r\nvary: Accept-Encoding\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\nexpires: Sun, 01 Mar 2026 05:40:30 GMT\r\ncache-control: private, max-age=900\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 142370\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":423062,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (6033)","md5":"22a61eaf1fb843af6c500686d7cabbff","sha1":"a0c91a0f9171a6319a60ca09b62cbd79678e58d1","sha256":"ef54601676ce64acb225e54cc0ce457c059fa1ae48100722f4664e7aa347fe45","sha512":"114969aec54a575ea5694c96ab8fbe845d10da51ab27b3bd91d68ad0ae802762d625048eb815b786ff7a227309ac5f03c98e2ed0eae7b072bbd8e0d3b05ba13d","ssdeep":"6144:tEk83dcl+c8oKTLvGRL8XZtTzWEzXJDlzRila5FryllFP4:n8+l+c8oKPsL8Pil69yt4","tlshash":"ae9419ceb3d674225396f478503f018ba57b68a2b48cc899f189cce42d7469a4277f7c","first_seen":"2026-03-01T05:41:07.272114Z","last_seen":"2026-03-01T05:41:07.272114Z","times_seen":1,"resource_available":true,"data":null}},"time_used":95,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":45,"receive":50,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-esport.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-esport.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-1ede89bc93f1bef2386e3b7829c8b13d-518dc5cc3e8f2f15-01\r\nlast-modified: Fri, 19 Mar 2021 17:11:17 GMT\r\netag: W/\"c49-5bde6cddfff2d\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 206915\r\ncache: HIT\r\nx-cached-since: 2026-02-26T20:11:49+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3145,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1d6280e68aabc41f98590f26a8d9777d","sha1":"a78490af36a48c3fcaf70f775c085fb5cc8f09b8","sha256":"3dda9b271d14659c452372e5ea0ffeff160b98f06a8f71a1636513fcc9dee439","sha512":"4560b989a80056d7ab017706b7154059bf95e5d29dfb97da7595c6288d956cf5ae884eee0458bfa9e944762c6ede445f0a9b2b9c28c25d6c4c265fbd2a14c0be","ssdeep":"","tlshash":"095145e7eaece0d5e84ad7a8d827c866b62d38fa67d3db5083c46f5df02409d4485d10","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.333625Z","times_seen":62,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:29.981Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 5789\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":5789,"data":"[{\"id\":\"26a5c419-8519-4426-86db-762ffe5acf1f\",\"qKey\":\"0956b97c-118\",\"operationName\":\"doSaveLog\",\"variables\":{\"options\":{\"appName\":\"@frontend/web\",\"appVersion\":\"6.131.3\",\"level\":\"ERROR\",\"line\":0,\"column\":0,\"error\":\"YandexMetrika registration error: config={\\\"counterId\\\":71598811,\\\"isDevIP\\\":false,\\\"accurateTrackBounce\\\":false,\\\"clickmap\\\":false,\\\"trackLinks\\\":false,\\\"webvisor\\\":true}\",\"file\":\"\",\"url\":\"https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\",\"ts\":0,\"stacktrace\":\"r@https://mrspeedtime.gcdn.co/js/ba8af1f8.d.m.VUq491aJ.js:1:2708\\nB@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:4:4291\\nqR@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:5:2298\\nonerror@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149648\\nEventHandlerNonNull*addScript/\u003c@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:1:44309\\naddScript@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:1:43572\\noo/\u003c@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149788\\noo@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149379\\nensureScriptLoaded@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:151120\\nregister@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:151699\\npo@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152659\\nco@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152323\\nW_/\u003c@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152595\\nemitFrom@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:1:24627\\nemit@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:1:24496\\nemit@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:91\\np@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3834\\na@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:2892\\nqt/\u003c@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3304\\nr@https://mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js:17:11017\\nsetTimeout handler*Xo/\u003c@https://mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js:21:7819\\nqt@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3239\\n$r/\u003c@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:4051\\nYt@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:18235\\nIe@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:18305\\nzl/s.call@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:52334\\nY@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53328\\nzl/p\u003c@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53541\\nzl@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53650\\nKt@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:52065\\n$r@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:4009\\nsd@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:10:13479\\nasync*g/\u003c@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1287\\npromise callback*g@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1266\\nasync*@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1319\\n\",\"payload\":\"{\\\"name\\\":\\\"qR\\\",\\\"message\\\":\\\"Script failed to load: filename=https://mc.yandex.ru/metrika/tag.js; message=Possible cause: blocked by an ad blocker\\\",\\\"code\\\":\\\"SCRIPT_ERROR\\\",\\\"metaData\\\":{},\\\"stack\\\":\\\"r@https://mrspeedtime.gcdn.co/js/ba8af1f8.d.m.VUq491aJ.js:1:2708\\\\nB@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:4:4291\\\\nqR@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:5:2298\\\\nonerror@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149648\\\\nEventHandlerNonNull*addScript/\u003c@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:1:44309\\\\naddScript@https://mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js:1:43572\\\\noo/\u003c@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149788\\\\noo@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:149379\\\\nensureScriptLoaded@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:151120\\\\nregister@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:151699\\\\npo@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152659\\\\nco@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152323\\\\nW_/\u003c@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:152595\\\\nemitFrom@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:1:24627\\\\nemit@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:1:24496\\\\nemit@https://mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js:2:91\\\\np@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3834\\\\na@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:2892\\\\nqt/\u003c@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3304\\\\nr@https://mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js:17:11017\\\\nsetTimeout handler*Xo/\u003c@https://mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js:21:7819\\\\nqt@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:3239\\\\n$r/\u003c@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:4051\\\\nYt@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:18235\\\\nIe@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:18305\\\\nzl/s.call@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:52334\\\\nY@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53328\\\\nzl/p\u003c@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53541\\\\nzl@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:53650\\\\nKt@https://mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js:1:52065\\\\n$r@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:6:4009\\\\nsd@https://mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js:10:13479\\\\nasync*g/\u003c@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1287\\\\npromise callback*g@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1266\\\\nasync*@https://mrspeedtime.gcdn.co/js/app.I75bNnF2.js:2:1319\\\\n\\\",\\\"silent\\\":false,\\\"interactive\\\":false,\\\"cause\\\":\\\"null\\\"}\"}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"208f8cf9aadd73fa4e6b32c2acbf9e65","sha1":"6bc87396f9a940a8a4d8d1d5da932ab2a6c72e19","sha256":"208af0b059630640eb534c1549d4ff2834da0a5c07adfca0181099bc30ea0f1f","sha512":"5342c3c74d4f97158f2daa9db3e78d041b43ae328c19b238ce5e6d8f2393e3dec18f163fc359516987476ecb239488200f732217ba3ef3306a371c6185c6163f","ssdeep":"","tlshash":"14c02bc12c0153080c0cc0941e33dd5063307680c40a440c03e6b02081876bc21c7902","first_seen":"2026-03-01T05:41:07.273352Z","last_seen":"2026-03-01T05:41:07.273352Z","times_seen":1,"resource_available":false,"data":null}},"time_used":50,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":50,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"ps.l.liftdsp.com/ac786b28-283a-4d76-a40b-23e03f94ae14.json","fqdn":"ps.l.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"52.84.50.113","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ps.l.liftdsp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M02","organization":"Amazon"},"validity":{"start":"Fri, 07 Mar 2025 00:00:00 GMT","end":"Sun, 05 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"3C:FF:93:7A:39:16:1E:F6:27:5B:22:3F:5F:C7:A6:C3:6A:22:BF:62","sha256":"0E:06:CF:4F:55:41:8D:9F:FF:83:14:09:B2:03:4C:67:98:C5:19:10:75:CB:52:BB:6F:5A:2C:81:E1:FF:B2:29"}}},"request":{"raw":"GET /ac786b28-283a-4d76-a40b-23e03f94ae14.json HTTP/1.1\r\nHost: ps.l.liftdsp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/json\r\ncontent-length: 50\r\naccess-control-allow-origin: *\r\naccess-control-allow-methods: GET\r\naccess-control-max-age: 3000\r\nlast-modified: Wed, 07 Aug 2024 15:08:37 GMT\r\nx-amz-server-side-encryption: AES256\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 05:33:53 GMT\r\ncache-control: public,max-age=900\r\netag: \"e96cd5af6f065e5048b3ddd2913dac50\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 8c3a87d110aff35fe17513b9a9ad30cc.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P3\r\nx-amz-cf-id: wyxFinO4a9vO_Td2hTDvAzYHI3t2XkbZYcRYlGMubTcn6y-C-TCXVQ==\r\nage: 617\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":50,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"e96cd5af6f065e5048b3ddd2913dac50","sha1":"98f5fff6913c150009fb01c2cf5bbe83c250f80c","sha256":"88c38dd5fd1531be2d044c85bfd00517c41ce29b03c514d620d80a80241a1f11","sha512":"9478fcbed66ba6836ed9bccc5f3f3c1681d7527489c521c85566a2368089191fe173735d89f1277a5f86da659be50879b9e0ac7f62c1d7a1d4a905af8c49f990","ssdeep":"","tlshash":"6790041740037457c457c75041443d55d75d0d370c170f7404551d4503f53777540117","first_seen":"2024-08-31T07:43:55Z","last_seen":"2026-03-29T15:19:13.337153Z","times_seen":103,"resource_available":false,"data":null}},"time_used":152,"timings":{"blocked":70,"dns":63,"connect":1,"send":0,"wait":3,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/top-nav/vip-ic.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/top-nav/vip-ic.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-88872a53d5f20c471767ee2fe69b09fb-f347137162810808-01\r\nlast-modified: Mon, 29 Jul 2024 11:38:11 GMT\r\netag: W/\"106a-61e614bbda1cd\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 320242\r\ncache: HIT\r\nx-cached-since: 2026-02-25T12:43:02+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4202,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"7ef082510b46a6aeb00c0df559b2de18","sha1":"b483a67c1a80a1db0afdd67246d5faf47f846f42","sha256":"155705ad90a321b396a52fbab695bc92f9a2046aac18371fb9a172657e97c2a6","sha512":"b23cde6916243bb8bd8695e5a97722d815217395a2727cd39aa9f459f344b88c951a260a56557d6bab22af21307f9765e408b8f67d310970747131cd6fdb2d11","ssdeep":"48:e8O6IHpZU+i2/zId7HoWsiN0thXLiJpwO/b37IvgFLQLZi/hABNFkg62venBHcA2:go0kMWsA03i/bYgF0I/hABLkrQeBB5K","tlshash":"c681892aa144d61d5883e24dcbbf91e1134e4066f1ea92dc7affd3aca10f4d4f946834","first_seen":"2024-08-31T07:43:54Z","last_seen":"2026-03-29T15:19:13.373051Z","times_seen":108,"resource_available":false,"data":null}},"time_used":51,"timings":{"blocked":39,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-fastgames-1.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.989Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-fastgames-1.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-a6417185275433a5ed0aafd9a5e260b1-4dd3757c6f31121c-01\r\nlast-modified: Thu, 03 Mar 2022 12:10:23 GMT\r\netag: W/\"55b-5d94f4862b1cd\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 256197\r\ncache: HIT\r\nx-cached-since: 2026-02-26T06:30:27+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1371,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b42397dd8157df7d92dbb0bade9d95a6","sha1":"4a1e5c65f03170c3c7fb20b8ca7c5db903587f4f","sha256":"fa3b577a638cbb33b1bc0324a32c3f032f945586d316b994e73b766d6e776b66","sha512":"9951b4673110aae3bfdecfbc191a0471c4970ad2a9bdf497b3476f8f935e220c4d037eef8e51154423b54e403f4fdcf4b19dd24c9015481fe09292f5b1253376","ssdeep":"","tlshash":"dd2133bad1e9f891da00e3bc9d28ecf1355611f77586c194c3e5ae49d41d0ad488cac1","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.464739Z","times_seen":60,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGA\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343629946\u0026ep.event_action=Page%20visit\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026ep.first_theme=DARK\u0026up.customer_login=\u0026up.customer_status=logged_out\u0026upn.customer_type=0\u0026up.customer_bet_type=UNDEFINED\u0026up.vs_lw=false\u0026tfd=8514","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026_gaz=1\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGA\u0026_s=1\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026en=page_view\u0026_fv=1\u0026_nsi=1\u0026_ss=1\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343629946\u0026ep.event_action=Page%20visit\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026ep.first_theme=DARK\u0026up.customer_login=\u0026up.customer_status=logged_out\u0026upn.customer_type=0\u0026up.customer_bet_type=UNDEFINED\u0026up.vs_lw=false\u0026tfd=8514 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://leon75.bet\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:171:0\r\nreport-to: {\"group\":\"ascnsrsggc:171:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":116,"timings":{"blocked":46,"dns":0,"connect":8,"send":0,"wait":19,"receive":0,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/assets/sprite.BisbSLIn.svg","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.894Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /assets/sprite.BisbSLIn.svg HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: same-origin\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: W/\"699d821c-eba45\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":965189,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1f3e3f8e23f7675346dfcae2993abebf","sha1":"536f1db3619a167407aa13a1931f6777bf709c9f","sha256":"b0a1e1b9f76e1deefac0478271956283c5d1475cdd9bd8d93559ea484d925ff2","sha512":"8193ce36c1fdcb640a386f891b3228c8bb5862ab93cc84a145290111f0b66accb9f082d21e4aee818dc01f4b5849dd6223d0915cdb09157e858761ca46003c24","ssdeep":"6144:clO0DikAXtLUHMqeEXTPYUMoV4kILcPLWt6aL9oJ2OYHNAMotVsZTiP:cgMei6o0cDQy2fxc","tlshash":"d625edc51128538ca04bba6ddb7ffec0172f30a7795545821aafc7dc915f680fb8a868","first_seen":"2026-02-26T15:36:50.657276Z","last_seen":"2026-03-01T05:41:07.276666Z","times_seen":5,"resource_available":false,"data":null}},"time_used":59,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":59,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.266Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 364\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":364,"data":"[{\"id\":\"32bf8b61-bd47-45ec-9381-8f9472e974bb\",\"qKey\":\"5b49cd5e-162\",\"operationName\":\"getSpintaxMetaData\",\"variables\":{\"options\":{\"routeName\":\"home\",\"routeParams\":[],\"ts\":0}}},{\"id\":\"8c1d87b2-3cdd-4f59-b13f-c792dd8adf46\",\"qKey\":\"33368f52-237\",\"operationName\":\"getCmsContentSpintaxBatchTranslations\",\"variables\":{\"options\":{\"contentKeys\":[\"WEB2_SEO_HOME\"],\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12742,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f45275e09e1b5d9c87dcaa6bda54d4c3","sha1":"76b1903b627b9f369e7c4e96f42d9271c23d1def","sha256":"9350d0063d9f0d7364db3fe0f695b78cc1b1ae19ebd2b18865a1b52dee65289f","sha512":"29c016a45785f3a335b8fe103bfed923e0ea337baaef60cc7f05cadf53745fa45ae4dbf4fe157084758e134365e6ee288f7231b73426841120419206d7a2c934","ssdeep":"192:NuwbtJoau7litzuUVcL6SwvjkDYuosXIOhryeL4Q2F0yjJM1sL9r8txk9QGLPQIP:wwru5itjDcoAyeL4QiA2m4LAm/YQOZW","tlshash":"2542de9047ee58ae2906e107d958ab0d3c9f08fe3f6a634624f06c7f75e2124c62da5d","first_seen":"2026-03-01T05:41:07.27753Z","last_seen":"2026-03-01T05:41:07.27753Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.418Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 13:47:54 GMT\r\nexpires: Thu, 25 Feb 2027 13:47:54 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 316352\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-04T14:48:47.330717Z","times_seen":62274,"resource_available":false,"data":null}},"time_used":22,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":9,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com/shield-fp/v1/api/web","fqdn":"5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com","domain":"csftr.com","tld":"com"},"ip":{"addr":"172.66.40.195","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.190Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"csftr.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 29 Jan 2026 01:34:31 GMT","end":"Wed, 29 Apr 2026 02:34:13 GMT"},"fingerprint":{"sha1":"11:89:14:E4:C0:DE:6B:33:22:2C:E7:6F:0F:F5:DC:84:88:2A:33:FC","sha256":"3B:C7:C8:FB:9D:DF:F8:60:5F:77:BF:74:D0:4B:B2:B2:49:20:5F:EF:7C:CD:25:EF:3E:8B:02:4C:82:C3:CB:67"}}},"request":{"raw":"POST /shield-fp/v1/api/web HTTP/1.1\r\nHost: 5a0ef96fd84066141eb932d11ca5b39bb17a78cb.csftr.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 27316\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":27316,"data":"UUlDZkttZWRldElyS0xnVW1Uc0ZjQS90b0M4MGtpNUFNckdXMEIvbGpQSy8wSkY1YmwwVEJGRWZ3WmMrYUk0WnBqaGxmaTBla1FaZkt2ejBmTGJ5bkV4TEtXZjNJTS9YdG0ybGN2K3NKanZtcUwxWXl0MXduZEo1MnFIOHpFNUQ3OUVHRlRkenhGM0VqUlZ0bzNUOEtLc0t0VWx5K1RoMWlxdmxUeEZocTMrQWJaSElRS1ZoNEd0NlArRVpOOC9QOXZiSktuOWRFekp6Y2IycGRaMmhWNHhmT2NoVzJPYWgxRVc2R3NualpHRVR1SEcvc1B1OWtVUldTaTk5RFk0a2Jpc3FpUGJpUlN4WHRaZG5jbU1nYnRVL1NaSHkwWWxVam1NR25aaFQ4bEg3cE1HSFF2dEhwUFVuYndxZkdyb2lIcTRldGNwc0V0NnRpTGplMUllTGlxeStXRDBxSUx1L0hINHJyaDVWWi9YMDZqU3QvZ0J3RGpaY3ZQUVZOYnUwbzl3aTZCc3FzVzFVRVVzZ0dTVThvTjBSYy9NT2VQSnYzWko3cVJMYUg1Znk5MENuK01lRUZjY0srYUJ5eFRXdDNuSlVBM0cwdFhRTzZZOTFxR2MwT21xYTg1QitESTVNZUdxK3pEM3M4dEZ2cEN0cSs0K2txMktUcTNBRGlWc2Q2SThaVVNOTzM2L2g1MXkxU2xtVklDN08yenNsWWdtWmNaUE5YUTg1VHBjNFUyRkM3R2xNbmJLVW5Ld01sQnVZRzl0WmtBdVRnU3AxaTgzMEJUd1JDOE9FYXBrSS9QOWpmQmxjanBVM1liamszajg3clJQa1RtTlI4eWpPRHBTK0srMjBacVBjaWgxcGpJMThVZENyMFJaM0lqa2JYQ252SDM5S3JoV08xL01DV1hTTjFPMkdXclVaRW11aFZaM0RUeFFqaHBvUnlkSW0xeXZBOHRjeHIwWFlBa1NPdmZUNEc2MlNzdmo3Y1hoZzRJYXJvaXZveCt2VHVnQ2RLODZXbzhrRnZ3akswNzByRzhTQy9QOVJxeW9JM05IMlBtTmlqTGZJR3gzMTl1cTBBanY5RjY1cTVXVUUwV1BVQmp5R0Z3Zjl4RnJNOUszNGcwSTR3eVZzcVF5TWpabGhuWkluYlRxTTFKd29sK2hJVm9XQUpsQkxiOHRFOHJJM2prUVVGWWpUK05GeWR4a1o0WVBOZy9rVjV0aGQyRHVUcGJJekUvN0xqS2xDS0VKc2wvRWd6SHpIWWp1WEVucmVmcTAvTkdySVl4QnI3b0o1NVE4WkZvSnZTcHhjMTJnOWtRREdFRGRjaFlLRWdCbURMN3RJM0Z2dVN3a2VvZjFkS2Ryb29JYndBK0MzUnA1aUs0RTFkVFQ1UTM0SXVscGZJOFNoc0NLTHh6ZDYxbWlsYUJNazVBS0t3UFpDOTk4N1Y4Rm1LMWxtYVBHK1NSa3hvdDFzMzY4VzBicjdPa1hhaEVLRWRFdzgvaVFScE90RndXZmRuSStPL0N1Q3NuMkYwT0NNb1N3RWRQYWNtQ2JWakZkYXp4YmVZUGJJalJRcER1bWNCdmJzZ015UDd4enlQZkEwVFQxaTZpazN6SHh6YlFDUi9yZE5xYnBDa2ozMHhjdmdNMHB3bWZDODhBQXE5YXpyTWVQMDJndlJUVjZqbHhPMEJyRWIvdmh5NGFDK0VxVVhZRTJidmhkYlNESWoxUlRaOTFJVks2UFczbEdWeVN6Vlc2cDJucnpjK1VOKzdiL01sbUkzVUloekx5aUwrR0plUkFzaEVCRHBGWTdTRE9ZR3RsTnVGS0QvMmFBNFFDS0xYOGNTNnJjVUczTkNDdXQ0b25JRS9rVEJWTG9PdVlVcUQ2cDVmclZOdndFcHlBblZ3Q3hZUTB0cEpIM3hodXdFVHV5TEFzb2swZVQxNzh6ZVYxdmFWbHVBS0kxeFBSZHd1SG5jRWN2TlRjUlZDK2lSd2d0aEpEOWs5TVZGVHBWRjdBbGdYSTJ3UVYvdW80ZXBTc01OOGp0Q0dMM3dGL2tmQjhrZUlhS2RWb3I0b3poRHZKYzZRd28yNXYxTmtxS0VDcGhXeFF0WWRyQitDN2dkaU9IM2lsSUpDSXNYS0tvaFA3YWxiRHRNa2czRjc4UGE3Ti9haDR4ZXBjOFFoL1JBcWwzVkFmQVE1RUVkZHJKdnpwTVZ0dTQ3Ymw3NjErWGdiZDlUY3FWSFJqYnR2dDRjOHdDemFaS2N4dGFZTXg1OHFmbnpwclk1dWVHUDFpNWM3SXV6cjNmTmpyT0RSTE1wTWliNHJGOUIyVis2RnBWd0Niejh5MHE3SjVKaWxNRlEyNGIzSU9WTmdTc2I2Z281NC92U05KVEpPOTByWXZFMFVZanBlVGhqTUJzcFNidXN1YlIyYU0yb3pBUXh1U0JEMnRCUElxQU1xTkVQWU1sMUVzN1NuVDZYUEpRU2lnbnZYS3RxS3lvdWZHZktDUVRYR1V4S0d4QW84S1lmS1hLSTBlWEFaaDRydFhSTE9VYUtXM0g4TC9vYzArc3hVL3EyOWhkMDVTS0RNd1UwTTNjT0JnVlB2RlRkWjZra1lWcXpNVWkzUlU0aVdMbzNFSlRSc2RoWjR5T2F1VWl4NEJ2U2Z3N0NLYnU5VEUzVllOUHA1VHpxZUVzWkNRaGdFVmZTMVk3ajlLVGlKb2dxczVzek5xbUJBMUV3R0E0cjNtRTdCWjZ2QVJLYVRhaFNUNXRieWF5cHptK09VZGk5YzN1RnMwUldYV04zTWlYK3M4M0VlVUgvWTN6TEE1a0NCSDhpY1pUQnZhOFlxWWFBK1d1ZnlNcFluOWladnBMVlhTWElmQWpkUU5Wa245VXZ1a281TzFORlY5SEZoK2ZkVktUNlNSWE1zRlgwZUwzSVZYZWp1TmcvNXpzZ3BrUStMcDRZOHpZME13cU1lMDRjbVdscThJN0pUeEZ0WkgzZzZkc3M2aXk4N04rY1J6cjZRc0tnclVMTHNPMVd5b0k2Ri9QVVpWL2NLZ09yVFRJNTM2aWRVaW1QZ3BGVHpBK0tCZDVNWTJjRERjeFU2RG9NcER3Wnc5NzFEeTBlNjNWejZjNXN2NWZlWFIveG8xSk52WUR0eXF1M0tlQ0tvQUFzZ2JoNGF1Sy93UE90c2JzSlMxcFRWUVJWRDFYWitrTXFrTGlHWWloY1VXb1FVT0tvMjBIWWVYVmNLQytSWkREZE0ySkJwREQyZ05qdlhzdG0wSjlERHFYc0FkV2dKQStxZzFRZVBqRlVTckhBbkNqZGZjWHVwMmUyVis5Y2VtVVNpeVF3TGYyRXc5ZmlWZXhJV1FHVTNzTlp6QytBU2t4NUU5RndJSlVFVk9hVjJhSy9tdXYrbU5La1FOM2xLbnF4TXNGMGdEanMzWnlCNFhzRG9JenpNc0ZPL0ZhT0pQeVkxZVIwSTlzOWF1enVjcERkR2VqVFFZd3NXNHBWb01pZUlQMGhoT09vbkZKZ05qNGg0NDMzN0FZUWg1L2R3K0ZTdHhhbU9oUWp5TXZRdFVoVHR3UmJ3WDA1WURWdWVCLzRQQ045L04rUlpFUnFKbnNiQU4xazRYcGpLV09UREhERlN5MkQrNit2dnRBTEd2bERZMXBzUGVraFRRaFBqcWhRMkZYQk1GM2tLR3lxenFnbGkrU2xMMXFic1B4U1dRdjIrWlY1UGtUa1R4dWNMalRiUUJiOUFtK0JsQzF0UnB5UGl4SXpqaWNvbU5PSHZ3QzRxWmduWnRyd1J0b2puR3dwSkpTK3pWdnN0cUt0bXVRYStvSkdvRHZhNVBPRjU1TmJvWnFUNW80S01tUHFLV0JDTnFRYWxBcFVOaEtxOFZIOXdSRGVZVElqaXk3TElJa3k0U0F0NVBkbnk0ZjIxTk9CYzNUSW1ERDlNcWhlRWlacXh4c3JpV1VzbzZBNXEvUHgyeEM4eXR5RlQvdDVZNjBrcUxOU3JReC85MGdyZWJWaE5YM3ExbFBTdmNJTWdtVEJUYWhUL2pUT3dDdHh1Vjd0bW85S2JSSmwrM05aR2pEQlpJQ1dTSjRwcmw5T0lhQzlDNE9ZZ0xUMWRocU8yTDlVMW9NRUJXODlDU1lJZzB0YWM4RFB2b3VoTnFFTXJHRW5YRHFtZXViZVRkVWxFQXJOdDU4TUZnQVhoMTNRSzV0ck9PeFFiT3ZFTlFLK0RrYXpYcllOOTZtTnJnaVdVSS9JbW1jUVYyaVJ2My9SVjdCQ25vdGVJQnRCNnNzU1p5eExoalI3empuVERsVEl1NHdEZjhKaENCOWNPM3cxZndHSjJXTm1ydHJIS2hpeC8ya2JjMXVvM3pBUEErRFcxS3JjZmZYTFZkME9qY3V3UEF4VERwanVMc1UxczQyczVHbTRYbHJoL04yRk15d0N0ak4yWVQzZ1YwV0ZPcUpXUjlYZGJSeWV1eUh6aU5jalFDMEJzOU5OcEZ4OHJjcW0zL2NhMGNlN1AzZzJSMTFRMlJteDZvZ2VXcnU5b0IxNFBCd2o4Vlpuck5vQnhYa3RHU1htbDVoYlZEM0YzbFVqNWZaZjZrL3h5N0pjc1Uwc2NkWlE3eXc1UWdZZC9rZkg2YXI2YUVQT285OWRvb0xrRGl1MUpDNXJHZm9rS1FzMUUwVXlIU2t6eTE1RkN2TTBDMTJzRlNUU2cyQS9jL1RkS0dYOGtCTFhMY3RnYU1xY1g2emlUcHZKbWQyY2FSRE51d3ZUczV2czVteDFtR3NnR0xGckFHWFhkV0lGQS9TNGVCUWhPZHJwMjZUYjA3Q1AvZ1AxNFR3Q2lCK2VsdmtHR2VTV1JDZzE1cFdvZnlId1MxU0V4WlQ0NUV1VXV2TE9hM3dXYVJROEFTTHlKYWtpME5xYWcrdXA1QnREeldBSmJ4SW1ZTFdtVGhHb1U2cmhjMGc5TzlsRUo4bmF5SVFHMkVVTm85VGorUklQb3VwVUplM0h1ZnNHcGpXbE9PWWh4aTV4OWFuWUhjVjdJK3FyLzFjek8vbEVCL0d6SUJaRXVnbnRiRXd6QUE5dCtoU3JZM09oVXA2cEpaUzI1RnZxajNXc05rTm5FcnZNOVJLNTVXUE5UU2pvQmVUeWszU2hpeFd2UERZY2o5R2NPeUh4WWRjbjBnVmZ5NFNneklzOW9wQ0FBVXdycWhzQ1MzR3M2b3dLUDRhcDJPeWNzNnZSZE82ZHZlaDF1amFIOExvRHg2L3diWkQ5bDlUbmpOWVpYbFRsT2U0UGpWdFBiRFZiR3ZaREtDWnJ5Z0dRMkJQbzVha0VUdXIwVEFxNHFwbVNROG9FUHNIdGJXK0hzandBNHNBenVqQzhkc0VRQU16RnNwckVYTllqdEVQT2RheUN3cEY2eDg0cklFT1ZyYjA1M01FbUYwQjVsQVAvb2djQnRmUi9qNmtDMTlKeHN2Q0dGbkZKWWR6RTNLZEFyRmVDRXFvUVU1VEFPM3FheTc4dWZBajUxOVVZaGI1ZXozOGF3d25GNEpiMkdtRXMvcVpETzZmVE8xb00rUnZPSnZOaGQwdmY2cGo3Q0gyd256NUZPSUxGOFhnMWNJK1B4aG9pTVBocnhaYzJoejNHNndPZE8ydUExWURpbWVUVjQzZExTcTRUWVBYUFgzV0JhUk9yY2RvNWhUanJDeVdZcHZXb2xudDhtQ2JBdE95aEhzV3Z5QmVZeHB2ZU0zcVdSWGVtanZORFl1emlRdWgzeEtQVVIzejhHMUEzR2NVL28wdVRLaEc5MEZUOTZaVm55SDhaV3prVjVGald0ZmZ5Wkt0VWpWMlRzci9CelVoOHR4Z1hKUVVGTGhoWmN2TXNNQng4TEF1Y0Z0eGluY3BIWHlCYjJBTWRTVUlMaitvaGZaYVdxdE1WcjZ1YU05VlBBZnRUQXJEL0N6ZEl4NUFFeUE0UGVxQktrb0J3RFFpREovWHl2TW9qTktrd0s1VmN1V0RJZ05XOEtqSVVlYjFEWHhic3hqaUdBY0VFVUp3U1puMm5rRmtiK2tqNWUwU2MyMGN6S3gzNWtsYUhnbjMwTEJuOWxKNGtkL3ZkTWFrc05GZ2R6NmE2NGpDOGUzL2p4RzZmVEpMeXZISFBRLzN3UWJ1RWNVMW1HQTVsRzRtVzVFa0ZJdUpXdzQyVEpIdHZFZnpCS1k4SGtXeExURTZtN0dId2orQXVOSzJDaE1vTU1kMEpvUUhmSHdIZHRQUUhYNWVsOFRibDNKZUlmTDUxak1jUEphb3VtUWFuSXdLYlhBbEpBNkdRMmNuTTNra0NrdEszQXNyVmI4VWwzTmRCdWlBVm4xSUcrbkY3SzBHS0pxZEZjempIRzF0di9wMXBkWjhkOEZKa3FEbG9KeU12MFl3MFJEaGcvS1pGckJTS2FlYm04amFnT0QvUlRMY0NXbjB3UktDWFpSa0tRdXBwbHEvWlpqME5MTDRnaU5OWTg1VUpQN3BySkloYThSS2JwVHM4cEwxbkIrWllOS3I4Wk5oQThneGFTQnNRVHVnVWJWTUE1c2QyTms4WEg1N2pTS0VhNlFHd3lhenpqUUpJcENJUU1iTXJDdDI2OUJPYThzU3VRaWpmaU0vQ09wTGZmcDhTUTErWlFxeDdCRXZEZjN6NmZoSzZCSU0wRDYzajVLTnN3ZTg1WjZiTlVrQWRvY1JwazFDVXprd01GMzhPbmxtbHMrdkRYVXlFN0dsMmo3ZmdNSnVUeW1ITWt2K25INkhxS283bXJmOVhMelRDTzZXRXB4eWUvYTRCL2E0azhTc3k0bUkxRGZqcHo3a3Y5bmpmbEh6VHZQeWxQbExlMVRKNUNIdzF5VGdYQ2dXL3ZqZnovNWpmTWdaZVBCMUYwYWg3U2RqVVpwQ0dzelF6Y3JVWDhFRUVjcUxZRDNsalhVZG1NWCtGRXNuZ2J6SHUxeTJ4aHV4QS9ZWmtxdlNzalhGbUF2NkZoMGVhZEgxZVpKMjNkaHZoRU10OXNHS3J3N2pEdEg4a1JRd1JLbGt6OVpkK1R3MGhDK3BoMkhWNUlINldCTk15L0xMcnV1RVVuUHorQ01jcmNld3g5d1RFUVV3WUxrMWtHVm1YaXlCM0p1ZWdWRXFlU1Y4RGhuNkIxN3VsZmh1cndXWXdIV3lBekdxSWRzR2g2dzFHelFjWE9SdVBPOGU1UDRjNE1LeUxKdXVlS2xKZWhhSGhlcnRENjBEZjQ3S0dZblNsWmsvcThsV0FGUFMxSlpCSEN0MG1iZDB5RTR1VjdWMk5EZlJSaFNBSEthd0RlL3YyNkZCbnhIWHJGbWdoYkR6Tm5GRndGMnRpN2JxVWxyOHdSUzV2bktXVG5ILzdPVTNiL2FqM2Jqb1BXVFc1RHVlV0RTVzI5ZUlZdVVYeE96TzlSK3JpeURzT01aT2laRjZadERNVW9WUkp6eDFSTWtvWStreHJqL2FudEM2eE9aVzh5b05OeWJLZ2ZlK0xNbWQ1VUJnMGV0RWRkYjlnb2VRd3FMRElyUGNka29nM2thWXpZTWE5alBjWnZwZjRVZ3grUmR6WHA4VkRDTDRNTEFkdlNZQXJnVzNZMFdqZ29MUXFiaEpNWkFMYnVUM3JIaWZmSjM0bzFqdTZZMXhRdGpqWThHT2F6V0ZjdFIyeHRNaFFkTEZadGtZS2NKYnVLb2pYNTNxaG9HMmNacXJhWUdNVytkRG5qQjVJVWpUZWtwdCt4YTdjRGRCbDNKajh1RDVXQlNveWQ3a0lBRkJ2MFl1UldMN3NKMks4ajd1RFZ5UVg5aTg1eExKaVNpRE5ZdWNCS3N5alZRWnM5SmdLcXZjVm9mY1lTNThwaURsdTFrTG5oU3pjMndzS1VOYXhIenU5VlJqak01aEhFV0I0ZkdHbDNKb1pxdTBzUEJKRzQwRmZ3dkhkWVlvbzJSVUlDVDd5amkzWVJPVExrblFzMXBTNllua0ZMZXJBay9EK25zV0t3dFZRQWErTUhaWlAwcEJVa3dhTW1qRm9wQUpjK05yLzYrY0pqOEhCWXNFWHFkUFhMUUF0WmpyRHRtWkcyRHlWRU9GN0dkQTdrdnJHMDBiN0xCYm1CckVMVnhFSEN6M1BKRE1XOEc5SVhpayt3Y0xxK0FSWkdJZjRGNWJHZXFCbkN2MUljUGdDcUNrYnZrYkI0S3lxZ3pRWFNnWnZpTTNiQU9PVUFqeFgwTVhwbkdBaXZDRjExZGlMREdrVXIxaDBxakNxQkV2bnlIbFJHWGFEUFc0UzMrVHZNQWJDOFJTY2Q2QXdTTkNUYm1sbUVpVkgyTmU3Wk1TUzBKdGMvazF4aVU4SS84QjNLcDR5RjNLWS9HN0tKbDBkNnFXK2NQcFU5emxmbmIyQ1o2T3k0Wk0zU01JL3BEalY1Q1ZYYkdrdUYvQVpEL2w1MGxGWHBCVDdpaFRTc2xpbXMvRVQrOTA1UytRZ1hjbWFkVXQrd3RPa01IZVBML3NySGNvUlBxU3hHY2dBWlNoMnNXcTh3RHZBSDZ2dER4YlpnaHlZZWljV3Bkb3pIaVJBdFJlK0k2WWZGNmVadHlBQVpKNzlqckg2b1BSSlJmQUVMKzZscWVaRUZ4WkRiTERpTW8xMWFjaVRLdTR0S25YZjNqeXVpcDdoYXJzOTI4N2RPWDhvVXhsa1ltZk1RKzdKN0VweWZQRStUOXFTRlRXcG1sMi81bVIvd2tDMDUrbjJUVmdBRWtEYXl3KzVRUnFuSStTUDJ3SDdSQjVQeTltNkhiY21jdGJjTkpVRXZlcm1RQUNrZ0o5SERuc2dFTzlqaUtMSUMvdjJBR0FxOGw4T2p1K0g5NkJXY042QzZTcXFSMGtoWm1DNENEZ1hLZTNraHQ0UXpmUkhYMjl5WDlUVFJDaHVmK2p3dlVqSis1YjVuUk4yc0Z5MDNaenJjL2ZQc1dCRFFHem1IbWhBNHM3T1I4VXpDTUFjNHRFNWYxVEtRZ2xtKzlKc05iWGJWUGlZUG8vWkNnYm1VNEpqWWg0ZC94Ylh1eURMc0cyU0dRKzUwNW9ycFpDWTVTb0NKQnNFWDFwVnIwc0gzeDhxUk5lcW96d3dzQXBZQ05rY1FjNzdQMFoxek9kZkJBUWhUZ25ubHhzaTY4cVIvTDhHMlhyWkRGczRCQXp4TEJzNHhpTW5rV2lGQXYvUVFmTnRmSlNxSDRvNTVucHhWNUxLNlNVVWJvNjhRY2p1TzMwZncwZE40QmttaWF6dHBiMit4RlcvM0J3cmxBNkplNDVxUzljZlB5bHBYSmg1eGpneHJEcmlsYWNhMCs1c1p4Yk45QWs4Zng2SGMwaXhFTXJQSlJZL3lTQUZCNGVrQ2M4MG40ZC9DbjhzT3FvNmYvS0YvU3o3VHJ2cHpJdmhkd3JzeUdoVC9says5N2JGTDl1RU5aa25EMUtaWWIxNVY2K1dKbnY0MnUyRUhaV2JXVThQVzVEQ1dvMnFoY2lLa1hYM2RiWWE2YzgyUHcwZll1NnB1L0x1WVVhTDJJd3JzYlVrQWdRQ1BLT3pWT2RhOE40TmVUU0M2QTFGV3JnOGFVeEdCUVJGZW9JVENVMU5KTnFVRVhkam1zUG5DYjE1Skd4SE95WnhacVZCejZ3OUlEa2hTSHErdzdFMy9lOEpjV2ZFb1pEb0FYTncyOHZEZDh6SWtkSTR2MDVPWFV5Y3NxdEZEeExXMXh3LzAzaGtTZ2tiTUV1RTJPclVXdVNLR0huM2c0cmxtRnJqNy9GSUFQVmxHNzd6NnJQeHh0dGk2eXJxcTdRbWs4blhFMzNIL0wzZDlnTGwrcU5IcnZ2T1NUNHdWS0VjSmRJL1BQaWlMK2tWM2J4MXZuSTNncS96eVQ2TkdQYTJKUWs0bmdjSGhmV0FyYmRSMnpTakRJYWtBTlY3bTdWVkVyc3V4QnRYYkxzNDFQRG5BNnZCUXc4UjhRSkZiTEhpYWhvcGIrWXNRaTM4Y0dFUUUrVmxkNEpKTTlpR2EyaTlrUjQ2L2lYZlZBOVQ4aEVLd0FDek1zeGJ2TkNvMnJDZnJEamNXMDZvQUhCeCtJMjdBQmU0MUYyZ2dQWXFoMFJSWUMyYXBmNDY3UmMyTTB2ZzQzVDF5NjYyV1d2WktPMyt1eWtwR2FUV0VRQXBrTnRlemJVQnJoNzd0TTNKMitxbUNXbXFrS3FudmVSbkVLT3RzTTBjRlkyNDZIWVhSakJOSnlRbjJhcDVoZFgzaDMxVTRkZjEveFVEWENySnZKd1FwMm8yMGI1MTFzd0swTTk3RkRMWC82WHpnQ0F6dDd1YjRPbkVJNWdMNXo1ektkbkhRY3djT1FNMk43L1dRNzBBWkVqTC9DeUx0cVJ2TU83dTB2YXJ3WFVjYzlrelZSdHRQQm9RV21pUnQ2UE1uc0hzYW1uV2hTK2pEOEFuQkNrd01TcW5DaDBwcTByQ3FmRXBublJqWEtuemFlOVRqcHFMTFBwN2NWYjlNZGNmcVRUZTlrSDh4MjVCY2RCK2VYSmpkeTZQSkpiQm1SOHRuM2FYK2lIT2NCQXNMWDgrKzJNQVVCd2ZkOUtHd2RrZDVKU3hCMlJsRk5RVnpjdHZjODhMQmIwRzB2TngxUzZ0WjNVeXFFeUo1eGs1RjJwNXJOK3NwQzZ1bG1GaUgvK2tkaGtUSG9Ea0dtZHJSSVhSWjhSL3llMHhxVHJ4YkFDemQ2VkFGSm5BUWdMWGIwZUNSS0UybGhJSm02d2dpUW1TMEt1TkZoaUNsL2xOclNaWWEyUXlrSjBUR09ncXQyRm5mRXJtWm0zdDRoVFZIVmREek1mYUFuY1B0bHlIL2dQSlB0c1dBSmdKU1Z3bytZdk9VMTJmTkdxcmltbE9UbXRQU244VHBQMkJVdkloMTgxOHhNMWppQnFGYTg4MGorNTFoT0NJbVpZUnlPb2M1N3drckROdTJWV1hBaGNBTWxEazVGQ0Zxbzg0UHpDUlpwVm9EbE1iOFB2MXJsajNYc08xV1MxMDdaQ0xSTFJMdmpuREJHbkx5dFdlTzErcmxldC8wVXE3Zk1GRVJlVjBMNm5LbkFKRi9DdmxBbXplTkVXaXJLa2o3ZHE5bkVId3JMZEd1T1hGUW9jNXg3RVpBdDFxdmZwY0p3cTlIRElTNFBReklBaTRSaU5yalRQV2JQRXNmMGhOcVVCV0YvaXV5Z08ydk5Ya2ZCdXlXa244QjNrbmpqRUkwSkN6NUxjd0dkckhvQUZQaURtZ3FhYmxrNVEvYXliTHprc05LYzVlQ1ZtSjZUQ29RWFVaTy9acXI0c3NIcnF4bldETmIzaVd4RkF2UWlVMWdHZzRKSFJQTmlzM0paRlZEQmJkY2VuK01nUVFDVC90MGozcWc5ZDBnSHd6MW0wek85eGVIcitoLzNMY2ZqY21jQlJwR2FQTzB6bC92T1Azc1RmM3pxMVU5MWtLTjRxbUFvVEJkNWVsb0dIWnF0dFdPUTNSUDFRbVVKWWdvYU1KVWt1V1J1NFZXa1B0VFFTbVA4Vzg4M2tyNngzdWg3UjVyd25Sc0kwbG5WT25JOGM2ZG41ODJZN2w1V1ZqMUk5ZDV2Qyt1aTV5SlNkWXFWcmxjeUtBVkxlZEppL1hkVTdiY1V2QzFWeUxMcmxrVXdxazYwNjJiZitpdkFZTjd2SVRPUi8vSFVMVC9kT2NTa1ZtbVYrbEROVzFlYTdSS1ZXV21idnB6MEsrRlVheDRmcExYa3JudWlENGpEbU1VV1NvV09FQXBVc1BEemMzTVF2MUxPWUpIckk0amJDUG4xQXB3aDNKbGdza3RZMUpZaXZzenJhMXk2T25HWUNSTkdvUkJQOGFYWnAvU1BIU25oR2pleHVLTUkrUjZxWGp4REVJY2xCSktGS3oxdWUvdlBDZ3o2TFlvdXlwa1U4MTd6dG1mVWVMNmtSbmFDclhINVQ2bVR1MzUyNnlVcE5TNUdYSFRQSnVyOS9nWG8xVGU1WVZJbXhIbGlmMWo2QVlaL2x0Uy8yMkIzQisvV1psWDgzTzRUOUlkWnZtRmNNb0gyWkJnY1ZhV1AxUC9OOUZHenBRNXFaaG1oTWwyWGdXS0ptajlKTGd5TWxSOTY4ckRGRzFVMFJzWkF4cVozT3V4MU0zcnpWOTN0SmNLV2tPRmFpMnpCT2V2M2N5cm9PTlJwdVVLVjhmeUljaTV2a212RUN5Wm9zeTN6Q1hVRHU4OFduUnh4Q2syQnltd29qUHNWNVlLV2ZHTjB4SC9xbjVxcFVsY3gyWkNkUTBobi9sN2NnQjV5MnUvektrUmNESU1xWXdZVVZXMmxYb3cwTGtxcmJpM0ZZR2pMa0UwTE45RzR1UmtjNDJweVd2bkNQUHBKd2RtNHFEUlFOamZkM0Z3UmxPR2IrU3J6WWZjTFc4dHlMbFVkZXpQR0dEbnZKaWtnYy83cnpibzJqYi9WaUl3TTBpOGtIUll3OXduMkE5cnB1bXRSaWJQSlk2Vzk5MHBodDFTb1BkNWNsUUsvQTdPOFdIbjhBOVUwdDk1RnpoSElvUTFtbm83Y2NsZlBkay9qU29nOFlPS0VrZGdDSFBSQlROVjB1Y1Bsc09ubDljS245UTNtaXRxbXpHalRkbWwzZ3EvM2dnT1BXVEpqSWFOY2FhMklkSVcvcWo2dkd2d2FwK2F1QnIyN3o3dTV0L2ZTV1dQbUgwY01xUmh1L052dmowSUlvM01qaHVlcGJFZnk0QmpMS1ViZ3hWS2xUK3VUWE51UFRaUXF1WVRUYjBCOFZ2RVJOWnNLOXEwTUtXazVLTVpKUW53eUxRUGNTMzVZbGVieHI2RE9vdjUxM01kanREY3ZqZUJNa0lYS05xTlgweXZTdjZNcVFucVZiYklORDBoUzIwa2ttV1BvdnpkdlNVb1RMTU04YjBvbndtQWJaMXBDWEpGNm0xeXhhWXhRSUkvNDNNOTV6VlVKOThXdHdTZnZ2NXVHZEY4SjlDN0VkRktHS21TK3p0b090S1VHdzNDTVRkWlg4aFR3ckx1SjZvNitFWkppUklZdGRPNTY3YVR2eDVXc29jcDRCa1QvUHR3d0wzSy9hdTRSS21uV21CYVJQVzdtUGxUZlZZbFhINzZTVHhZMUJFQm1UKzdZSlAyRUpqWGRVNllJY0pPaFR0TzlQbzBzNnhHeGl5V2ErRkVMOEtFSU1NUEkzaDlhaitoR3pBVVJhUnQ4MDFlbXlMMDZIYVErT1pwQnMxNlBVNXBjQ3JWa1dqZk94RVltMC9DTGs4Tlh6RTQwTUdrV292K2ljRjJUUmE0c2JBRGt3cXRFdXhWbmF1YVZDbHU3R09JZ3dHKzRIbk5wbE90aTZCeDZGWENDRmxVN1FkSjZldnFpT0tQQjJoQVNXS3B2YWV4VnREV0JKekxZanNhYlpXb25OeUpsQmlJQ21Za2g2NGtKcGFib3hpbWwreVJEazBHK0tmd0ZmSHloWExuS3FJV0M5NERneXdFVjhMV2cwTWVtRkNzUFVjUExyeUQ4d094REVCeTNZSi9YekRGYVh1QW9sS3FvZDlmcXVxZmM0Vmk2Q3IxejlsWDhjYlF1L3JERVgxWDdpY3RSZG51ZDZVK2h3NFNxRTBZM0hQV29xSWlFY1RuVEZWS2xVT3MySGlqQS9DRGNhYUxnOTlZcHU3TU9jYWc3N09PSkt3YmJNbXB4dStwRkIxTk54SjZabTlSZHlXTUJ3UU1CYTBtWVRNc3RTaVBuK3VURWd3d1gvMmQ3dW5tbVBQdTlPNlhqUW9NNlJpODZkWlNBcFY2b0dLeHFxZTlDU0RQK0h2QnNEZkNTb2s2NFIrWUVVdUJpa1kyVERIdXB2cENnUXBoVjc5L0c4R3k4QmxyWDRvbjdYSDhWMVphOUVNUHQvVmN3NlNUZFYzZVVSWTZadlZGdUltNDFxaUd1akN5THNVKzRDTVlqclRaRmZyejRFSGxxdVNld3REKzMyaDF0VmlHN2dKN0VvaTVzVEUrWXZORnZBeDJZR2RJbE9HZ3JZTGFrRmd5VUg1QmJaRWt6VFpzcjM4V29lQTNuVTBUQjJNMmFyQWJDd1ZtTUFwWENhUXZmTzRialNWY2lTZG9iU0N3cVJTK3Z2RnlDUXRSdFNTK2U5VVdHOTFrUHk2Tk1oTXJVVmozLzhDSGJUcEZWcSt6NWhoZGZsNGZnSE1NcS8wcHZyUDdmMlgwMDhnT3VIdGVRay9DRlRMd1lhSzZRRUk2ckJBU2FNRmNXVk5hOThpTHNyRy90M1BNN255LzkrTWNMT05vVWw3L2FqTnROMDFJaWtNUW9MRGF6dWZnTjYxdHNoMG1zdW5WK0pUUkw3OEM0cktGUlR4bDNuaUJpU3QwWGZ2aTlwSm1ibGpxRTdkU1MzUUZqOUh2aFIyRXlLZDQxVFFWWVhWVS8zWGJPQ2xYUGY1Qlo2dWRqL0Nxc2VLYUg0VjI0OTIxNWxwcS9KRTZRVVllT2VGczdpOUlPTm5aMHozMUkvdEtmTk1RZGxIY0Evd0w0SEZDcDVJejJ2eTVFblF2czhLTS9IZm5OYldRN3hFYlpXTkY0Y04rdkp2cEV1Uy9rZG42dW54ZkdUeGtYRjVJTmZ6UklTeThNcHhQbDdjVlhNUFk2ZFJlSHB1b0hNUjdScDRnTDk3VDBoSW1hcHBBZ2VHeXdqZHUwbloyUE5KcmJYMXRZOGNRT2lJNG1McysyekJUaGxEMkUwWmROamhLdW9FNHBqYWdUa2RvT2tRNHo4WUppb3c0YlpzWVNVb2oyV0xueUljYko2SUZnajUzUHQyUjg0c1lPRndkZkQ5VmQzSGxuUzNaQ3Vmdit2UWsvbTA5VnU1NDRocVIybVVueXRaS1pyWE9POERwdmpkbHMvc0Y0UXJHc1pHa2ZmbC9QTXd3QzdoMGFRTEZwQWd1b3V1Y3hlRWVLU3YwR3pJeWpkajNiZnJtT0tIaFpuTk5wVzRidytFMy8vNTJkOVU0TWNLOVJGMkdlVUhJcml5TnpkZTZlRkVnNDhHYmVJK1p1QnRta08yay9mNmtYdno2ZXk4OVFyc2V6ZVhiVS9hUEsxdmRYVUJSaGZYbUhwQ25uRXc0MFM4MXI5TWt2Q2xUSjdPcEtQeWQxMFRqTkIwWERYZmNMWjdON3RlNmVQZ3pyTXFZZlFGeTE5YnRkRngyZndlejFIV2t1b2VHQUFFOHIwWmQxbUpha3AwQnFsdnJQYXhsTWxyeFRsamZwNWZsYTY5cll5VkZSVTk2dTNRTlFwLytUNlpOYzA5UTlhWXFLVlRqYVpobzgzZUE3WkdDblUyUnM0MWhDNVpPbk9iZ2Mrd3NFaEtoSVRKR1k2VjJsU3RPNW1lcGh3RUN1TFoxL2had2FTUEV1QnFaMzlVbGdhdG1xc1dYZ1FrS2o2UGp1aGpnTHZKQlZyMytVZitpNDhuUlg5cHgwU0dxZnE4UFQwTU9jdy91TjloQmx6b1RuVDlaazk5Z2htYW5CQVVVcGVLcWlGTXlVczdjdWpJWXEzUEorZG1JbE5QTmprcXpjd2lZUHlUaGFEM3NoNXhSZy9TOFhUM0FTNHBUUS9kaEQvSDNxdlhKZndCWGFvN211ZUd3UTA3ZXVBSXgwd01jM21aYmFhWjlaSGtiRkthUkgvSlIvNUxlYmRGcktWTHdMdWVWVEpTZ1RyclBGRGJEOExGUWU5TG82OGN4d3ZESUdFK1NHc0VMSVd5VVdhbXlROGpNaTB5T21RaXJuZjAyc0N2UmNBQlpoM0wvcUd1OUkxWk1tSzNsSGFENzNES3BMSnJqekh0RnVlWWYrbFI2WDZYeUhqMlVzZ2MwUitmSi8vbzg4TFJEbzR3TVFtWFRJdXRqN0JQNG5tUXZEYVdOUmxRSmpad1k5d0pmRlRkdStOOFovWG9xR0l0RTNObmhJem5Xd1NqMlNJWjkvUXBsekk1dG9wdC9GRi9oc1VTNy94bnpKWC8xMlZqMS8rT1JXamRBTUU3M0xIRE5wN29QNFV1SmZ2Rnh2RzRCK1NpaXV4L1VDYzI0MDBXYXdRV3BBWE9VT09vcERTd3VjbXhJbDh4OTVDQkFsRTFiVlE2Z0lvZnJQMDZBc3lFeHdpU29zS1VoMExVQXY0djhscTFBYVkxdnczc0FzWFV1L09lYnkreEdyeS8reEtBd3hSb2lMQk4rMmhDcitoRlpxejE5dE1BRWNPd0JUYnRxSzE4SnhYanNKcVhUTnZpZ3BJbDlCUVpQV1FkNzJUM3pHdEszOFk3Zy9EcGMyTG93cHJTOGFnNnZrN0tWbHkycUhJRkhFRm0xMnBHMkJWVmdqbWlObWtWS2F6Sjd5eHZJMDcrL1VSUFlrSU5nRXhiYmVoVThHeEZlK01YdllHTjhRemRJZVJvNW5sZHhGMFQyb2xGdkxBaEJpb2h2TUtGTVpLeUNld2poV3AvaGRNVTlVdHU2by9ha2lFSXF4K0JGd1hjS2RFSExnVTNDYjBpWWo5UVpQdUY0WVhkbXE0eTUzMjV5WlBwdGFNbTFwdVBjUVVTWjNFS0hMVEYzVzgyWlNZYzEyOVRVbnpoYkZhTGtHaEpPYjVJeXlsZ2xDeXRzNXlwNGVIMjRZbjBLZk44dTZqUkM1L1lSRzJQbE5HY1B6RjhCZWd1bEdjOW5DTWF6eTVvK2VUWjdSQUgxUFpZKzlHZjJVek5SK1ZEQmh5Mi96ZGNVdzFOQ0RQbktvL3ViUDVzbHZoem9oZ243SkxIRHNEbFhvQkdpdkJaTVdlZFRUSThiemVVMHgxVnhYQ1RaVTMvbDUrN1c0MjNKMXpId2duS3ZtMUZXYUNidnRzSjBHbU9ZQlEvdnJ3Vy9kWitGaVJFcXVPdEpzVk16TzUzSWVVSHAvcE1aaE43TTFqU2VyM0htOFhWZ3M0eVBzb0xhSVpoeHJkV1JSL2psdnlidEZCRENmQzBrU2lub1Fjc29ZY25IMFVhcktFM3JDYksyUGZJQ3Rpa2NUbTI5TDh0QkhvVmcwWnJVTHZnTUZ1dXBqNThSR3RmUC9zazkxUzVmSXNDOFJlazRLWHNoMkNWVXN0SXFlZnpIOG5maVl6bktoRFdyU2hjQ01OaDFNc25Xd1BLQk9pbW1ONWlBc2Rod050ZmJsOW44RGdoUXIwRndvbzdlWDM2RkJNd1R6L1VicHVMWVkxM0wrT0NTRlptVFplSGw5bkd1b2svTFc2ZkozYnFiQXFGbkp4VEdoQmc3SDhENW5RWUtQYTAzNFZTSjUyc0RJb1dRMDIrZFlLblRkVWJOQmZlVy9Oc213S3o5NDNYU2NHei9UV3VwRG9xTHpMUGd2S0pmUVc5NkVERXZiUFZISkliZktaNm5kS1NFZmFyOWpFUHhET0ZoVGhXWGtBbVpoZkxOOWU0N3ovN2dNd0g5TE1NRTJJeTJjeVgvMGM1QUJXSHBEMDBGMzZPN2VQcmNlUEIvV2tCdWF3bTJaZEFlQVAzRnFxWU9lZ1pGcUc2blAzZm5nYzQwaXQzV0lyOTZHb3lOVTJ3dE12V3UvanczdWpTWHN1NnM0TFNTWVF5RUJVelpJa3N1ZEJUa09jOUVRdW9PcXFXZitIOXBTQVpYMVY3TGtnSWpmOTF3Q29ITnhvYnU3N2ZZdkJQeTFzZ2FNUnVQRlFHaDBTSlFpSDd4VGdOTzYwbmhmdmpsSGFlLysrQ1BROHJCb0wzSnE3VDZ5RWVNSlh3NThZcmF2MDZET0pCY1JWMU5iRkpmbTU4cytxQnI4b3BMM1R3dzRsd2R4blh1cXhFbUEwL2NKQnIwYy8wTitrQWxJTmhLUXN6T3R6dnIvZ2syRy8rTVdlWHFBbGd2ck56VzRoc2FIcFBnV3VDQ1I0Nk1uMDFIRTRZOUpXQzY1NVhjQ3BuVWJiQmViQXdGd1dsUWxtdGtDMCt6MkFZTWNnbEhFZnBNMzY0MDhkNVRWaC84bWl5ZkZHY3E2U05STUtUMWRZNWEvM2xBelRmSGttMXdtSmxKWE0vSW9vSnl5NkF3TVNSWndoQTRaQTB1L0dsK3VHY0FOTTVxNC80YUFCS291ZEVHUXN2VTk5cXRGQzVWd2p1WGlIK3lGZklEeCsya0RCckoyY2pNemxVWk9ZNUY4WU9CQS9VOTYwZDR6emV6SlZKSVU3eFZSS3BUNmVZSGVBNWJGS2svenFSS3VwbXBZbUowQmlBSDROVER5Q2pRMFB6UGhNSDhLcThCbElsVWFOcmxSZmxPOGRMMWNmdytMeHpITk9Db1gxMjNHMENHMXI4MTlKNkU3Q0VWSTVmaVJjaUJGTTNKNjNiZURaTWFrcUZvMGp3Rkh2ZTJDSjl3UElFZFFETk9HTmV1cTBZbU5QZFRmS09yNjF1ZFFpRzF0eHZwUGVveUxCc1FHeE9IMHBrS3JicmowNW95L0IrQW9FY3RKYzh0eVQycjVFcUljR3lYREV5VnAwQzJWTHVtRFJxVmwwTGRqT21JZVNtclNWSTE0YXJrZ0RRcUw5cmN0VjQ0UElodzBiWVliK1ZIcHZjWG52MUpHb1cvcUszNjVKdzRiNUhNOFRUQmJxOUMwdlpJU0F4emdpeE0wNWlIcFNZM2FwM0pDWnlraGdTTFdlZTVlZndPQUd6VVdLMHFVcHRnOG1HcXRmRnJ5RjJiNjVlbnp1QUlMaXVqS0pvZ1pHZDI5Wlp6eFM1N2ZpWU9mQlVPeDRlZ29uVjNCTTFxRzgwbmhDYTVlaTRHR3g4Qmo1SzFRTjhGWXROQTRGTnFTUG1rcldxblNvdER1aGpNQTNCcHlxZ2NuZ3J4L1U0SjdUelVhQmh6b053N29GdzIzNlFhUVdWRHhMZlhWT2FyYnVMeDNlQXJlNCsxYk9xU3NGS3Z1Si81RTI1TnNSQ1NuL2s0ZUo3cjBSK1VkRDg3ZXVkc3Z4YTBVLy8zb0p6SHdhZU1oRCs3QnpSK294OEFDamZMZmJTZnpKZTY2RE5GYTloRlpZN3hLSzA4THRRb2xHNzE2dU14S0ZVeWdwb3BHbnU2OHl4RkdhQllxZFU1bG1rNUJRZHpkVDB4OTVPRW5WaC9OM0lPWnV0bTBBcFdwaUcwL0wwVmlYWmRPNnFkM2xBU20vMGNkbDdFTVUyM3hZcCtUcXRnK1JXTVZDcFNicVNuMjFjalduZFU5cFM1TTdOdmF0Mm4yNzNqVVQxaGl6VGx2SUY5c25vWjRDU3kyR2FFZGNkRkhpTXFYN3NGN0NORkZ5Q3BPNm5BcFRDQWxJaVI5cmp6VTB3V0xCQW1MWStVVXR0dHBjUVJyYzhJSU9RQ2NMTzBZbzhWOWpWSGVzVW5LTmQ3UkNaVUJGMjV1TWZ6VS96Uk1taVg4cFRONmwxdzI4NE5hb3ljRmxMWTVXWU4rcE1IMzFmWUllWWhiTnpONlljOVB3eTh1TEhSWGIvMnY2eDhESG8zRTZZTTJ6TzBjRUN4WmJKWXF3NGgrU0JuVy95VzRaclk4bzlLeVFlN2tlamxjLzBWZGFWMDhXenEwSEJHT0tkd0s4RWJtbk01UVQ5NENrS2tUd0tMVG9Qd05hSGM2WEM0cXQ3a1pLRDVLYkNwOENaZFJaZXQrYkRiaDhEN3hUbFR6SXNCQ0tTc2ZRRUd4NXRoRlZUVXRZNDVTczMyQmRNV2lYUGdWVzJIZ0RxckhwNnR1a3VQUE9nKzNnaEdjY0xEamI0aWhwMjNOWG92YmRxdGVyaldvVCt5UjU1cGVWem40Z202WGczd0RpOStURlVjNncrN3JTaVVSUXZMd1NlMWtUR3ArTjFPOTFKVE1oQmxvWUY3YXVyOHNxRXpMck12emZxa0dYWUJFczFHQ0J2elAzSjhRVTFpT3h2SWpQempObG56RW9aMm1ieXBHb205YkVNcWFmSU1sdTFTZXh1b3ZMWXVMWWJRRGFzaVFWczFTR1Q3RnVKVDZMZzJ6NitrVnpyc3lRMHpyOG9uQlFxSlVVYWZaOGlIZTBSR25uaFhHc3hwcDZFWEljVUxDSGI3bzd5UTNScjc1ZXp0YnVxVWdnYS85MEJPODZ0RlV6UllKaXZYL0xDcEwvbmtMc3pNVjI1OFArRDZGMGtaRS9ZWWZHb1dnSHgxdlFFUlZiQjc1ZFJwTmNMTm56a0VPYUxiKytJUmN3UHNISEVRMytoMVI4WEZ4amZFdkFRMDNWOXRmTFFGak9jTnR5VGg2eVYrVjNlMGdaMEtsRW1ZeWRKeGZBeTVaMjVEYlRBUFRGeTFoTzNWQmRMQ3NrcHEyT2x0RURNaVZTTm92cWtRVlVMYm42WkpJWnd2UzBYSkVpb3N0dzNIZmxQM2FQSXpuYm9Bd2tKQ3dwZVhUckVROCtubzQrM21NNnV4TzlsUG1QRHd6elU5aC8vamEveWhsNW9XQnFZdURSLzFid2hUemQ5R3NOU21zaGRyZWx1bVNYMjBrSWxOdjhTU2EwRWZvM3pwSWYzUlZ3aTRFcHFvaGltYU9DdTNDTGNGMnkvaEVjZFR1cUMyOUVVRWtRTVh0QUttdlM5VlZVbXp2aE9TSmV0ZEQ2YlN4N1V1dzRsaXp4YnE1Q1N2alpCTVhnRUNYY2NkaFVXSzd5d0R5dFZLQTFmV25ScHBLWlpaeUkvdnJ5UnU4cVpNTGtjSHhJNUs4Tk5CRXZ4QkJFR1BvdXduNXd5bFpHTFB0eUlHNFUzQmUrMUl4Q0NuS2tNQUVOb3ZTVHZ4cFpmSXFvRHk1c2tTVzNMQkd4cjZld2tqcFh3MUJzOUxmclg4bzE2eXNyM2VRZ1JrLzM3NXU3VDZFK3M0a1c0d0NPWEFQZGI5NWlEcU1mdHNXTzBHelZYTkhnSGxFMEtPRlNVYWFKbGNsbmxSZUV6NGZuanpQUHRicmZVcTZ0RHZmZm55WXhUWjYwT2o1UERSS21kNGZrdjFuMHNaVlVmb3BVTEZMNmNTb1B4ajRaMHgxYWwvVURTS09wNFNOc29HMGEzUmRJWUlKcFZ4QXBsZ3RuNWtjZ1VHRzdFSFdGWVBLOFIzcTRQZ1lmdm1zQVZ1RnhlajBCQmVWc0M4dVFieERhTU5SL01DU0UrN0srd0N6N3FlZ0RDUjlvNEM2R3d4bklOa3JZWTA2bktlZ1V0MlkwVmtoRDV0NXJVenNvckxvYUZQcEJsYXpZZEUyWHpjQ1JXWGlRRWhpejN1R1k0Q3RiMHpKNU9ycm1wak9oK0FMSGMvVU0yWS9waXZVWFhOOE56ampXQ09iVDQ0ZTJKUVQvdHhJZnBhR1lzVUNKckNpUmliZmduOHBnMVpOVktHekpKZEltRGxoTjZRY3BNK0VVWEQ3dXFNNUJJd1U1K0VNT21OS25id3NVMlo0S0hXN2VpN0ZobVpMUXFBWEFEanJiR0Y4NjBORVBvQ3UwM1JKZ1lvTGdLMUdwdG45d1JwelMzaHR2Q1NFVEFiV00xTUdVZXlaczh3cGJ4dDBJL0lRRzhNUnFVd0tzVzlxSXViNy84dnhKVFlOVEduSDZFSEZEUk1JaGF1Qlh2VkpYNWlXelU0SXh1YjFUZnRwN0hUMk9qUEdGa0VGUzhrajd6U2JqbktaZ21INXp0SWs3R2NqdDRHV0NDNXJvckh4bFZrcUJyOHJoakFxYUFScWpBVUZDZFBhdWZvdUJxWG9tWmRnUjlCL0V2UHErdTV0bGJOR1dmZVI4dVNqQUtBU1ZaVmNtWkc4Qzg1WmJ0UHBsWkFFZkN1b0VpZ0U3RzVIcTBlWFZwQmt1U3dCZ2NYbG1sYjBxKzBUL3RPRW5IQlNFQ25TaXhvUFhHZkVYbXEybS80V0xyUkRObjNNUHZHWFdiMTBUeWNPRHgxWi83ME9uVWF2YjZkY1dDNUNKbTFiK2lLV2hkYmxZSUM5NXY3c3dtWW5ta0dqTXI4dlBnUUN0TGRpd2xsVlR6ajhXZHFwSnI0ckFta29qckVDbTJYV2ordWk1c2NKMGQxR2dvQjFCT3ozM0R6a0F3Z3ZFUXFIWHptamJZZFRjMHkyWjR6NnFIMEs3eDEyU1o3N3hIci82NnF4WnJXQXB3eU9wODVLY3Z5ZEJ2MXpKdzJac3ZsaHBPTmdBZGpBWUk4OFl3WnBXN2FQazZ6UStBd2tIRE1pSE50dCt0WGJHbUU3WDdNRDhES2VtMzZUVDdDTlFFR2laLzFoTHNIcEt3VVNoeGpoa1ZzZUhNdk5rVkdoQ21ncTNyQWg1aWROMC9MWHFadkRXLytxV1pUUmt3WkRZRUdJdlVlWTliZ3J1VG4xYlltVk1xdk5CVGJ6endvMEtFVS9OcFFtZStaQjJqNEsyOVFWSGMvYjluRmd1SUhPRFltWS92Z0YwTHhHLy9kMk8zUDRGeUs1d0pwZ1JrMFdGdHI1V0JWM3RCVDMwZklZamg3cmhrUXhLb3hBL2RZV29LamNHRUNHQW02STZSSG43a1lIYmVvaCtXRW9kMTAwMDFxQlFqQmR1Z08yMjBxWmN1ZHhkLzhrTDJ0OGlkWU1PUWg0Q2IySFl5TnRJcCtNaTNmQXRNaU91eWE3Q0tLdElrM2gvelRTMVhyeTlaN0xEMEdQaXdoSjRsNnZseGltWDJZUG01YUdxbXNwUS80TVAxYTh0VllLQ0RvcGRrb2JPU3BxVWpOa2RPdGJtem5CdzhwOTNiTXB5T3BiclVuQkR3dEhPWHNmdTB3WXZYZjZEMXcxSTVXczJHNThnclFaWFBaaU0rUWhZRkhtUUFJU1VaaUw4Zmt6MHhFNGRVc2g0am4ybWR1cDRQR2xCL0MwTGN3T1RIOGl0WHY3NWM3Vjh1OFpNdHJ5alNUaTc4SllSSWtxWktOK3puZXdBQ0dROVB1eDZtZlJReTdOeGNpOEpYRlJYMDhia01zcy9vOUMwOXZTTnBReVpud2JZKzU0S0hrOVlPbDRiOGRCTjFoT2dBNWpsUEdyNzF0bmk1ckNiRGRwWDN1YWp5ZFBoZnNtMW11czBGdDlrQ0Y0SDlLMmt5WDRDRG85Uk1sVS8wbFlsaklYejY0UVZjT1hYOVFYMEpuNHhta3cvaVhEa3U1SWdrRXdLblhJbFhiYm03UXQ4blpoVUdSTUhNMXJmaUlVWWt4VE5mZTlROTNlMkhyMnFBMW5TUzhReThUQ2NYVU5oemxrcnRkMkcvWmZDZjFoMFBXYjdvazRqQXBvSFJvVUN3Q2NOOUdXcVdIbDNRcHVzUXc3Z3NVWHZuV01XSWE5RzhlRmw1YVhZeVdlVHcyYTlBN3JocEgrbVdVS3FmVmRmTXJKcFZQUktFcldsZloycHpRL0dFYmRBdzgxbnR6MGFJOXk4a2FkL1hjd2laeVBSQTVpd200SERlOTFQcnJ5czRDS1hPUTJSNmdLL2RUTm55MDc0MjFiRysyUHJoVTBNbGJjTUpqb3VIdStGMHdvL28rSVJBZEF6NFJkc0lqc0lPd0UwVjhCOUw4WjUrUDRMZ3NQalJDUGxjVlBZQ0diU0xmM1RYMWFpNk5RMW5iMlN3S2VuZ1EzdXNRZDQ1MFZDbUFpMWZ5YTMwUTYxVFJxMk85Z2JVY21IYXcrTENucGhpV2VxeG9SN0M3bVEzQURFLzI4MkdBOE4zMm1LanZ3UFdIbTFrd3BCcUs0WERuME5pNVBlOXozek45MEdueFRWdkFJaVFwNnIvQVNIb3hNTkRCT0VURkRGM2ZDN0d4RkdFSTBmcTFkRDZhMmZVZzBTSE1aRjRHaEdSaW1lRzdXc1VTYzBqUUpTU0lCZnBtSG1BWUttbGpPOHpPV2NpdktkTVdibGJGK2FwNTI4MW52MHpEL0dpdXUzVnJTSXpEVkJlOEZYQW1MczFvN3I4bWV3Tk1qUU1VQ1o5ZUhhRnd3dEtZaVN0WCtsWUJwMWNCZ0RDS1orT2NoblZQZHJOenB5N1czLzlvVmpXaUdHQXVJa09GUW5EdXdYQjFSRDRaWWxxZ25FaTN6NDI1TnA3TVRiaEVIdDZKUHJCcS9uZmgrdnJFVU9TSHBPU3h5bVJ1QVBqSkxINWRYc0RhbWp3UjZyMTdZMUFmMUdLTWh3bzkwVDJkM0poT2hUL1FPbWt2eHltVzRhLzhYbjFoRHl1SG5QZUNlVHNZdEs2R1RVbk1vblV0RWtLTzN2a0tSNEdYTmtYRDhXV1VKZ0FQMkdVSXBnODZwRDNiRDc4aGhIMnh2UlVreGdFSUF6TGFpbTF3VzlBUlZJcTQwcDlUUUtVdGJWcC9SUzJZNWJhRUVxQ2dVdjMrL1V5bFZXVnNpa3dWN2VQbWJLTjJFdk5hTS9XSmE5YlRxcGIwa3kxbGdhWlJxM0FmWE8zakttRUptNy9ZakZ1YWl2UFNWeW9wL1llK1lIbGQ1L3dTVU1ENlk0c21wbHJVZXdMNUd2K2Y1T3Z3bmpvSWJjZlNWMjhQVnVTbCtQcFpuc3VKanN2ejVGUWY2KzZtcW9ydTJzMmx5RWVIWXc4UWh1MEl2YmQxa0RkT0hxTGprT2NjbjdsekJ6ZEU3djhxOFhQSkl6NGkwbWVhMFFpc2VTRWpjbmhld0hlRExFODN1Z09ITzhCOFFOcDgvUXZ5YTRHVGlrWDFkL3NHeGRMQ25qNUM5K2lBRzJqZStua3FITjJuRURLd1BBSVhMVC9idVlMcDJzMHJFb25YRFJrd2xkQmlHUTlvOE9mV1JDUkFhVG01ZitFeUQ4K2ZQWkZHUEV3MG02UnQ3NUp1OTJJTG9nRnhoakRxT0ZJL2U5SVJOa01TZWwwWThhVGdEWm5jTU5GQWdHWFFMR0pkZDJKVlFNdDlHTU52N2k0bWQyb2JXdUhQT3ZlWFkxd3pVbjRtK1FTV2VObURkNjYwZ2g4VlVOYkNmLy9ZVnl0NVgrc3BBVzZDZHZ0ZytUVTYvSzdXZGRsb2c4Ty9CdXlHWGZpajZaa0VoMEEyN0F5eW52TjE2a0h6Mng3SzZMcDA4aU1TVk82MkxvWVdoaHNvbzhHMUVRajVFUzBHMUxwdlBpOCttNTV5TXRSV1ZSLzNBejY0ZnhUL05ZRjdPSFFMcWNCUWdVRFN6WTZmeEtpNmNGZEdjQitHcHErUzQ3dXRrN1hWOElxRWtwdjNneXFtTE9vZWdXUFdXTG5ubzlvaXZJbEV6OGtxTWM3MjBnaWlraDYyNGM0dG1sc3Z3ZUpseE5URHRKT0VJRVJRaVVhQWl4TWJZR29UYkkrdGhBS1JkM1lTVWpXejFOMUxieGZ1QUUrRzlWdEJWcW9mWmRkUy9TR3M1RVYzSktuOFQ2czlmdTd5YklTS1g5NllGWDN5aFNxNFhYa0dyWUlzQWloaHlJOHc1UkEzMS9KdEV2SlRjQWdhQ0JkZHVKVC8rMjU1SFlYUGQ3UWxIZFJLK2JvaUxoYnRPcDlsS1VBbjRCY01mZlFmTlB1c0ZWMng2QVV1bE1INm1ubDBaSFZjaUxoOUdlSzh6VWRqcjdzTXlqdjVkUTFKejJza0RCalVUYTZiaS94akxxWVVreEVLcXkyNk1CZENDZm1rTU5BTE00dGZabE5DQlRWbXl2V2J2LzJNbGIrNExmZTVUZHBLTVg5TUloT3Q4RjkxbGVzZ1RvcXlWT0N5WW04eitHUHZvSTJWRVUvSVZxdXRQamRJVGFtV1ozaWY2UFFRc2o2OWJldjV2R2UwQ3o5NnFwdGdpb3RxSTBBaExVVURNQWtZL3E3MU56aGtwTGpST0VLdXJEamk1bG1YRE9DL0tnZ0dpemNJSldZcXpYbEV6R2s4eis2eGlDSmJ1MUVKa1dqc09qOXFlZkEwZzFQSlJoaEF0UVFJUTdSdlI2YjhKUE05SThKMStPTHlxQmNjK29CS0JPNERmREp6dktuZjFva0RKTXhCU3p3VG5Mc0ZBZkdsUjYvZ2pPUms5L09FeXhkU3NSaXA3THVsdlZjREtuVmp5cVJxZmp2cm5QQk4wZkJrZHdCeUhuNExwWjBPOUd4Ync4cGt4QXpOYWJSUVFqZ0dtcHd0ZDZ6REs0SS9zQnV1ZUJhK2wreFpPVEhJVmpMeGoxSkpLWnZKOW9VeWF1L1BkcWhKTTBQRlFvN3VnbWtTamRXR1l2cmhqVmxTa0VUQUhVYmEvcHhZYllvMVQveFJnM2VWSXRlUXhLSDFMMFFRdTdCTkc5VHVXbzRvcjc4MUNRRTlTZ2V2Wi9RNW9tSllSVHhZaFVNYlNsQmlZVTdBZGM5OU1SajNZOUpqV1laWEtBcHZIWE9EcnMzdEFlWENlb3NLN1p2aTdJN1MrWFhPOFJKZFZKQ1Y5TXFiUjNaNng4UlpkSEcwVXMwNFlNenFZdWJ3VHdoWnZyeURoeE5pbXBPKzBYLy95V1YxdHJvUFhSbHZLWWtoWTNYeW5UTmxxSlJ6Qzh6dFM0bFJhVERKN2R0SnpJQm1zS2dobjJsempLQkNYdkkwalRyVDBOYnl5VFh2Zm0rb1oxVjZTb25HS1I2bnliNE1ET0d2MFp4Z2RUdkh3MGVsTWJLQnladTNXNk5JT3liS2JSUGE0U2V4TUtTVEtlWUhkU1JYWW1lYi9kM3g3RkF4emoxek56MlF2L1JxYXFLb0hVTWJiV0pEV2pYcDZsaURkUlZ1c2lWQWRLenNZeHVxNlU5a293KzVnaGJqR2o1YWZQWGNmZ3BFa0JmSEZERWx1b0sxOGsza0E0cEIxM0RSSWJqVHZBKzlTNEhFTkVqU2dUUHNMWkNReXIvTkJsNjdvaUJXVUJnWVJqeThTM0NxSXhLcEhqS0Y0YVB4czkzdzlLMUdVZzdFbU85b01hVVFYMHFkbUUwcWRUcWRIWWxHbXVKaCsyYmU1THE0eUMybjRBPTpRRE85NU84dFhyUjRzSmtDYXBqRDQrSDl5QjN6d01keE5GdytkUlNzdHVRQVFRdDBKN1VvVm9vLzlYaXAvUzNTZDFZQmppRzViTzZFSEVrVUdxU0VsanY0SGZmeEhMZ3hnOUp6MmFXbnZCTFplbTBkZ3phOTZRWmxMME43Q3FXNERXQmJDdTJGK3ZvUUpoU0pZQ3VLU29Ybmgxb3RYdHRLWUVxK3dwMkRHR1UvQlgzZHZseHlWc25VWk9lazFCNzNyMXJaMTQvcVpYM1NQYXlnNFhtVWtBelc3bXpBTkE5ckR0aFVPY2hqNkRabGNKbjVxYWdhbTIzVjlFYi9sSHJRekVEUDl5S1kza25hTjhxKy84T3A2K29FZkJWMHE3RGl1MDl2aVZCYXNVaWErcFQzUFVPN0xFSWRxM0JIeGNKczh5WXBvc2REam5Jd1R2ZGZ6M2IwdEE9PQ=="}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\ncontent-type: application/json; charset=utf-8\r\ncontent-encoding: gzip\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type\r\naccess-control-allow-origin: https://leon75.bet\r\nset-cookie: shd_persistent=2fd88fc0-86e1-4bad-964a-d9705925f67d; Path=/; Max-Age=63072000; HttpOnly; Secure; SameSite=None\n__cf_bm=maUqNk.HOjBVHMa25bu0w6zoQRjn5_d8GyeGULiMh_k-1772343630-1.0.1.1-3Wng6tBvdmEBTdVlnct1SnnM4V0Ekj98.EPPnQY70NzE0ZHzYv6KCT9U7dOwhLyRmDSwSQeewcsVZxftcEgCeFpVbC32UlSeU2Sn7QbeCPM; path=/; expires=Sun, 01-Mar-26 06:10:30 GMT; domain=.csftr.com; HttpOnly; Secure; SameSite=None\r\nx-request-id: c279d1c7-60e6-400a-816b-98c6069f1681\r\nx-envoy-upstream-service-time: 16\r\ncf-cache-status: DYNAMIC\r\nserver: cloudflare\r\ncf-ray: 9d55d3c8ef052efa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Envoy","description":"Envoy is an open-source edge and service proxy, designed for cloud-native applications.","website":"https://www.envoyproxy.io/","common_platform_enumeration":"cpe:2.3:a:envoyproxy:envoy:*:*:*:*:*:*:*:*","icon":"Envoy.png","categories":["Reverse proxies"]}],"data":{"size":438,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c5d28220b08957d8a7d50cc92456b75d","sha1":"9452ed8991812bdd8da92975f7ff2544993a300e","sha256":"6e44ac33949c1e5e847a9eea2743b0760ee5313a30aea4317de32aa59b9c1a19","sha512":"856263d9a0adcadcbd1933ab0ebbed49bcb5647cafe6880fb6451b88375f617e7558bfb66cf46babf4b927e0276fa15a08368986abd6a8aabd991a7ed11f2f43","ssdeep":"","tlshash":"7bf0ab8407e828b9c2b38255e6013ed03b3914b36888704cc8be496c1ce34c5627951b","first_seen":"2026-03-01T05:41:07.278882Z","last_seen":"2026-03-01T05:41:07.278882Z","times_seen":1,"resource_available":false,"data":null}},"time_used":142,"timings":{"blocked":35,"dns":12,"connect":1,"send":0,"wait":71,"receive":0,"ssl":20},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:41.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 139\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":139,"data":"[{\"id\":\"fc74562e-0fa8-4b15-b723-260359a800c8\",\"qKey\":\"9ea32f24-159\",\"operationName\":\"getCustomerStreams\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:41 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":267328,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"2361f80c9c41d30f1c7d5a822de21123","sha1":"81d6a134c21c0dd9b0ebfe98e2c48f946d19471f","sha256":"b572e4cb93037869f438f2bfc0f92ea24276ef5c2b446494209b7ab10661e9e5","sha512":"3f81365bf20234b51f5b0ce1a9b47ddc721df92bba92c14b84001b70c75bba7f1c2d91c44e7153986dcd67e18a80d2a4f1990f6fc09da09f72a9b13df9c3402f","ssdeep":"768:M76MVdVA3B1X9ur8ZYAwP6JsbmkcLPOdstePwhSTbJ6bnwErX6JbzEV8ZKnkTO4B:YWfIndgDuOBqZcymZdLCmLn+nEK","tlshash":"2744b5a8eb1f582f741ba19e07059b61262671bbbc2ca150d96f7d9870fecad7035c03","first_seen":"2026-03-01T05:41:07.279665Z","last_seen":"2026-03-01T05:41:07.279665Z","times_seen":1,"resource_available":false,"data":null}},"time_used":85,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":85,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/444dbad9.d.m.COHDy9Qf.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.577Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/444dbad9.d.m.COHDy9Qf.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 217\r\ntraceparent: 00-4dd15bcb2f84fc4b514ff05c9a945a9a-5804f3ff51cdc721-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-d9\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":328,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text","md5":"a0517c72f11103ed464859912922a96a","sha1":"bbd225f4fc02e62620c85627241b0a75276b3bf3","sha256":"c45395687da9b08de31423ae7477024b2f1b8751f1f081192491e39f5ad431ff","sha512":"5b8f8b30d31dae0d32660fc26e31b2a913dd919e8efa3d4432c51c02971526004a35fe58ff6bf96f96cfa369b52204df8e1272b0b0b988143282ebdc300f6411","ssdeep":"","tlshash":"f2e07db5457b6ff29b9a4c74676cf685ab29609137064484600c91095492f93c3ffc67","first_seen":"2026-02-26T15:36:50.591363Z","last_seen":"2026-03-31T00:45:46.151709Z","times_seen":17,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/telegram-15.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.859Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/telegram-15.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 1092\r\ntraceparent: 00-d788fd1b69ba20500010c7da4dfebbb8-8d967fb8b132cd89-01\r\nlast-modified: Wed, 21 Feb 2024 07:54:29 GMT\r\netag: \"444-611dfa2f8d8f7\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1092,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"33a6b37c35799458f311e579b88a535c","sha1":"e3a109451dd5bee8ddc098e6a6c7b9bf0eb987e5","sha256":"352216d091549ff6c7f14890b503117e39a6eab0875ec11d4e0048760ec89e74","sha512":"4e430d416c90178fb550ddc0ab38bc8a3948975e83f622345f665f9a64e602d5594b1844403f450c5aa03a2cb7cd8a8b35aa664ba3c81ec129fbbe1d8478f1c4","ssdeep":"","tlshash":"951175b9aac4f445e401d3e8d978e5a33c1f35fb760ddba88fd06b24e50105d01e1c84","first_seen":"2024-05-15T05:49:44Z","last_seen":"2026-03-29T15:19:13.355958Z","times_seen":85,"resource_available":false,"data":null}},"time_used":367,"timings":{"blocked":82,"dns":11,"connect":7,"send":0,"wait":214,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel/js?auth=d796s9\u0026event=regstarted","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.497Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2drtb.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:48:15:25:D2:83:00:DD:7D:70:07:A2:B0:40:FB:88:E5:9B:C3:05","sha256":"59:30:1A:64:93:31:49:89:58:C3:C8:2E:88:12:01:02:54:8C:F0:86:A1:40:B7:58:E0:4A:3B:ED:8D:8F:9F:A0"}}},"request":{"raw":"GET /pixel/js?auth=d796s9\u0026event=regstarted HTTP/1.1\r\nHost: pixel-us.r2drtb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 01 Mar 2026 05:40:30 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 370\r\nConnection: keep-alive\r\nCache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\nPragma: no-cache\r\nExpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":370,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"902879accbae1a6e7d4023179a5f5582","sha1":"eb32502a93060cafa892ed9a96689b5a356ed9cf","sha256":"5e077e267743c2a25ba1b85e6cd184c4fd8a9b42a9f077a73f9458cb1ebadc16","sha512":"705c2a0551187db0135f284c4489f46c47095ec831453ed3808eb49f8825de7d2aea554b98f75063485499ccdbbccddfbaec839d0f8a33cf414fbeb1c62b8890","ssdeep":"","tlshash":"17e0ca6d572d7503937620937f71635d243541fd3d0058951c4c9d14289aecffd27c50","first_seen":"2026-02-26T15:36:50.794922Z","last_seen":"2026-03-14T07:22:16.720919Z","times_seen":12,"resource_available":true,"data":null}},"time_used":727,"timings":{"blocked":311,"dns":35,"connect":105,"send":0,"wait":105,"receive":0,"ssl":168},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-01T05:40:22.425Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nUpgrade-Insecure-Requests: 1\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: text/html;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nset-cookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; Max-Age=2147483647; Expires=Fri, 19 Mar 2094 08:54:29 GMT; Path=/; Secure; SameSite=Lax\r\nlink: \u003chttps://mrspeedtime.gcdn.co/js/vite-plugin-import-retry.dca3f5.js\u003e; rel=preload; as=script; crossorigin=anonymous, \u003chttps://mrspeedtime.gcdn.co/js/app.I75bNnF2.js\u003e; rel=preload; as=script; crossorigin=anonymous, \u003chttps://mrspeedtime.gcdn.co/js/rollup.d.m.DiW8JAql.js\u003e; rel=preload; as=script; crossorigin=anonymous, \u003chttps://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900\u0026display=swap\u0026family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400\u0026display=swap\u0026family=Mulish:wght@400;700;900\u0026display=swap\u0026family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap\u0026family=Oswald:wght@200..700\u0026display=swap\u0026family=Rubik:ital,wght@0,300..900;1,300..900\u0026display=swap\u0026family=Pacifico\u0026display=swap\u003e; rel=preload; as=style; crossorigin=anonymous\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":42106,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (22152)","md5":"51c6cee347c5b7f6aa4b1c73bf05fb5b","sha1":"1e9973d91d814c3845ceb54190582dcf34e4f773","sha256":"ca584c23b19cc4a75958c024f960d7a1df04d2a30cd022e48ad3b3a040205c5c","sha512":"d47a4bd572c4bcffed4eb96d59b9317a6dc044b84d2711d7b8b17ddecc04c5ad7ad7f2a374fe53c5497f6c62c313ce79af1c12fd241a95a7ab6b66852ffbdcbf","ssdeep":"384:6Hvf5j1YNdNU1MfOjDB6oQlGdD6SsmwuaQtGokYbMHuAO5sz2J3SBCW:6HH5xYNdN5gDBy2D6TmwvokSMQs6JE","tlshash":"f0132bfe1f1485f9fb11a2ebe756208c6a09f46bdd428db4f26c725c77c7a9048e2142","first_seen":"2026-03-01T05:41:07.282903Z","last_seen":"2026-03-01T05:41:07.282903Z","times_seen":1,"resource_available":true,"data":null}},"time_used":241,"timings":{"blocked":78,"dns":25,"connect":22,"send":0,"wait":85,"receive":0,"ssl":28},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/rollup.d.m.DiW8JAql.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.018Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/rollup.d.m.DiW8JAql.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1457\r\ntraceparent: 00-c0f3ce196a54e87eadb4e943754b58c0-04c6d38644837bfd-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-5b1\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3456,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3407)","md5":"729c48d8490150392538492adb6a0aac","sha1":"5e9420cf8abcbd7d1bd583bbe43c6854981066c0","sha256":"95303c90db5e107a7dd5079170d2dc7b74c6c1f0fb9b65e9b97429408e3e2e79","sha512":"47dfa25b8049647e15d9f7450a3993c2affa178ee5203d21f65f7072d435c7e6cfa985de0388692b5729c86fc701f2144f2924657b3278f92847a4bff7fe1345","ssdeep":"","tlshash":"0461d7d531e0e57212aa1ce9f077b202f27435a234dde4c0e21c8cb56a5accdb155e6e","first_seen":"2025-10-09T22:05:52.437865Z","last_seen":"2026-03-31T00:45:46.189008Z","times_seen":78,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/7ad78725.CPXAGBLL.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.184Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/7ad78725.CPXAGBLL.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 2051\r\ntraceparent: 00-a3fe71dc11848b082d24704eb7434b09-5b4b882d30b000db-01\r\nlast-modified: Mon, 16 Feb 2026 10:20:06 GMT\r\netag: \"6992ef56-803\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 1024643\r\ncache: HIT\r\nx-cached-since: 2026-02-17T09:03:00+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":9010,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (9009)","md5":"3d8c5a8ed733ed887035ddddcf0fba84","sha1":"35922f1282571d131890dccc5aa62a9c9e118e69","sha256":"4d5db851497a6e20b1454ead804fa05c328e7565896a84cb7558ab24b92b8164","sha512":"ed85cbd6458409d5f8582672308e5a87b78d7bccb44d6df8aec9b3b1126f5624f51d99dd69b3cc19f86bef9fe346ddcfc67efdfdc5619acd6b6c5a763d2e8c13","ssdeep":"96:fOf+7XO0jBEn8iwbXD87Yzk1ks/4VvZAsGlFEBrubG8+DnktTqdvbO:fOCjG5YXIYzk1kmGR6dtepC","tlshash":"4f02412182e05c3951a343b6d7c9dd88722cce43623309ebf3a9a45f896159e737e78c","first_seen":"2025-09-27T21:47:06.97025Z","last_seen":"2026-03-08T14:14:44.222084Z","times_seen":105,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/3ed1c1c4.d.m.CPHMeYCp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.438Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/3ed1c1c4.d.m.CPHMeYCp.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 5334\r\ntraceparent: 00-118889604333dd3409b8a8556353b5aa-a155a7407c06dcba-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-14d6\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14744,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (14693)","md5":"6560cd4e353503d926aa770a75883570","sha1":"f194ea0779213b45d4def8bbb8e7ce339ee2bff9","sha256":"c9f838a28fb337bd1401886e0ae7f9a57ed2e0692dabce82133d354566cfd8e9","sha512":"12a88c963a6f7d6e46a7c0feaab598815542475b85baf543fe81223802bffabaabbfc76ab50c7e0f90942612a38edf3977183e860b4392547d944d1ebb8e3f9d","ssdeep":"384:aNRbRbsCBQmjArdP/LDbcnxAofaRxncvt825L4RJdh/3WFgBBYxTha65:QRFbssdAR/LPcnxJ+xncvZ5cPD/3WFgG","tlshash":"036208f174ed657043e616e0a07b0106e5e9512830c9c4a0f59fc9ff49eb980aaa7f7e","first_seen":"2026-02-26T15:36:50.786882Z","last_seen":"2026-03-01T05:41:07.284836Z","times_seen":5,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/robotocondensed/v31/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.417Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/robotocondensed/v31/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28864\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 18:45:56 GMT\r\nexpires: Thu, 25 Feb 2027 18:45:56 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:48:20 GMT\r\ncontent-type: font/woff2\r\nage: 298470\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28864,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28864, version 1.0","md5":"4b6dbec2924c348ec965e2ad24ab0f71","sha1":"ca4b40df4c0179bd79b393b176f2d5d19b0f97b4","sha256":"952fba48c212d73793dddc1a4b0589dd8098a335b58babe50dd3e9e03c223c51","sha512":"545845c2a371a1f68dc6ec589d9b87c843099fb8c2e8e1adf1a66cb36538b29969fd3db888e4ea41b011afec0b1959e89f72f8b201c7aedea7a0c9ec0a4b96ac","ssdeep":"768:eTZgucvPHL8H3nJuHrxvedCtA0CueYja6D+LlM2:e+lPr8XJuke6uZWr+2","tlshash":"e2d2f1bf8f08eafaa6efa674958c71f9cc805b3ac904624811133960475c580a7fe4cb","first_seen":"2025-05-29T21:26:20.484128Z","last_seen":"2026-04-04T14:12:03.822221Z","times_seen":3887,"resource_available":false,"data":null}},"time_used":20,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":7,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"i64cl3er5t.com/?serial=39258\u0026creative_id=142\u0026anid=w7ios18ma296pdlgj5054jfu","fqdn":"i64cl3er5t.com","domain":"i64cl3er5t.com","tld":"com"},"ip":{"addr":"172.67.167.148","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-03-01T05:40:22.297Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"i64cl3er5t.com","organization":""},"issuer":{"commonName":"WE1","organization":"Google Trust Services"},"validity":{"start":"Thu, 19 Feb 2026 21:48:28 GMT","end":"Wed, 20 May 2026 22:46:10 GMT"},"fingerprint":{"sha1":"E7:FF:54:95:3B:ED:55:6E:44:5F:AD:A3:B5:1C:03:64:4B:B2:71:2E","sha256":"03:C0:41:7F:53:42:24:F7:76:C8:83:13:B9:2C:AA:D8:8C:43:80:E0:C5:FC:0A:65:29:E4:5B:D0:AF:9D:BD:C0"}}},"request":{"raw":"GET /?serial=39258\u0026creative_id=142\u0026anid=w7ios18ma296pdlgj5054jfu HTTP/1.1\r\nHost: i64cl3er5t.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlocation: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nserver: cloudflare\r\nx-frame-options: SAMEORIGIN\r\nx-xss-protection: 1; mode=block\r\nx-content-type-options: nosniff\r\nx-download-options: noopen\r\nx-permitted-cross-domain-policies: none\r\nreferrer-policy: strict-origin-when-cross-origin\r\ncache-control: no-cache\r\nx-request-id: dd8bb4c1554b07f453c8a3bdf1ec4a5e\r\nx-runtime: 0.023239\r\nstrict-transport-security: max-age=0; includeSubDomains\r\nvary: Origin\r\ncf-cache-status: DYNAMIC\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=Z0iMk5oEdAUOHrlxX2Gb3GdPTVSAaYuvp%2FzCamhwGV9EfJE7urYyuBkQz8pi5lGk9V8wIaBSSLrc5QdrcwzqHLKYpLKwOO1odmxbFuDc\"}]}\r\ncf-ray: 9d55d3977a4b4e4c-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":42106,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":141,"timings":{"blocked":18,"dns":0,"connect":1,"send":0,"wait":105,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0","fqdn":"o237537.ingest.us.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.160.81.0","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C4:C7:A0:3C:30:51:F2:AE:98:2C:88:9F:C7:8D:24:55:ED:C3:34:BD","sha256":"78:73:F7:3D:EE:58:1B:F8:9A:1E:17:AB:A3:70:00:86:76:EA:4E:AF:AB:F4:7B:34:5F:FA:39:D8:3B:5D:F4:B5"}}},"request":{"raw":"POST /api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0 HTTP/1.1\r\nHost: o237537.ingest.us.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 424\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":424,"data":"{\"sent_at\":\"2026-03-01T05:40:24.933Z\",\"sdk\":{\"name\":\"sentry.javascript.vue\",\"version\":\"10.36.0\"}}\n{\"type\":\"session\"}\n{\"sid\":\"688122d33c374ac1a41b95bc5e4c319d\",\"init\":false,\"started\":\"2026-03-01T05:40:24.460Z\",\"timestamp\":\"2026-03-01T05:40:24.933Z\",\"status\":\"exited\",\"errors\":0,\"attrs\":{\"release\":\"6.131.3\",\"environment\":\"prod\",\"user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json\r\ncontent-length: 2\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-04-04T14:49:43.141813Z","times_seen":554336,"resource_available":true,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":54,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/highest-odds-improved.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.049Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/highest-odds-improved.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:26 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-a06bf62f29fee11ec49244279abc72c4-4bd2372e39087fcb-01\r\nlast-modified: Mon, 04 Nov 2024 12:32:26 GMT\r\netag: W/\"3dc-626157a2f80de\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 195768\r\ncache: HIT\r\nx-cached-since: 2026-02-26T23:17:38+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":988,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"3f1932ffc775b300408d5db3c8bf329f","sha1":"d28bd96269536e261087b37c21c572f228cfaf94","sha256":"dbbaea8456664ae861efbffc7dbbff140ade719093dbf848c02717a934e06588","sha512":"432d1916b637a5eed9b356f535950c28f18365f3952468a09f22141e008dedc571125ee20660ee4468548729572c8911a3015574ef1f4f36709dd20a75b1faa5","ssdeep":"","tlshash":"59110eb69268e8d2f544d370ca5854e5227215bb66ea4364d1c0efc0ac2b0c62a8d8b2","first_seen":"2024-12-15T10:08:22.090868Z","last_seen":"2026-03-29T15:19:13.36951Z","times_seen":54,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/rollup.d.m.DiW8JAql.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:22.774Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/rollup.d.m.DiW8JAql.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1457\r\ntraceparent: 00-df7fdf8ea63bc9f38014f391d9b3e63e-9b76ea87922527aa-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-5b1\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3456,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3407)","md5":"729c48d8490150392538492adb6a0aac","sha1":"5e9420cf8abcbd7d1bd583bbe43c6854981066c0","sha256":"95303c90db5e107a7dd5079170d2dc7b74c6c1f0fb9b65e9b97429408e3e2e79","sha512":"47dfa25b8049647e15d9f7450a3993c2affa178ee5203d21f65f7072d435c7e6cfa985de0388692b5729c86fc701f2144f2924657b3278f92847a4bff7fe1345","ssdeep":"","tlshash":"0461d7d531e0e57212aa1ce9f077b202f27435a234dde4c0e21c8cb56a5accdb155e6e","first_seen":"2025-10-09T22:05:52.437865Z","last_seen":"2026-03-31T00:45:46.189008Z","times_seen":78,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":79,"dns":25,"connect":7,"send":0,"wait":9,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-live-1.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.930Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-live-1.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-b719c11464aa1e3fc264ab5f0101fcd8-bc6ce5b006cc9cfd-01\r\nlast-modified: Thu, 25 Mar 2021 21:01:52 GMT\r\netag: W/\"26e-5be62b9832baa\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 278251\r\ncache: HIT\r\nx-cached-since: 2026-02-26T00:22:53+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":622,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"97692ea3e43a69f5716af9c2ad83be76","sha1":"24ceb6099fdd5a7e32ca3a55cff85268f1b2acfe","sha256":"c3862cc2028935c5a5f21f873fe7efdc309a56a5776f5a55453c25e94c804b77","sha512":"58f23778d2fbc42d234a6790f96c044a392223d93b0e61120d514a87353e95f1c16affe289c3a78da978284839f5a6bc22681cc86978388529ccf22c099aef4b","ssdeep":"","tlshash":"cff07def9728ed0ad598c655c61c947a019ec2f3a05d46219284ef283d4d0db6d1d994","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.39212Z","times_seen":64,"resource_available":false,"data":null}},"time_used":25,"timings":{"blocked":13,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel/js?auth=4jg3s6\u0026event=visit\u0026uid=\u0026p3=undefined\u0026p4=","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.581Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2drtb.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:48:15:25:D2:83:00:DD:7D:70:07:A2:B0:40:FB:88:E5:9B:C3:05","sha256":"59:30:1A:64:93:31:49:89:58:C3:C8:2E:88:12:01:02:54:8C:F0:86:A1:40:B7:58:E0:4A:3B:ED:8D:8F:9F:A0"}}},"request":{"raw":"GET /pixel/js?auth=4jg3s6\u0026event=visit\u0026uid=\u0026p3=undefined\u0026p4= HTTP/1.1\r\nHost: pixel-us.r2drtb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 01 Mar 2026 05:40:30 GMT\r\nContent-Type: text/javascript\r\nContent-Length: 387\r\nConnection: keep-alive\r\nCache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\nPragma: no-cache\r\nExpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":387,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"34661bed3d02c3ca84ff0fcb188516e3","sha1":"96cb189c3903862a93b58124a3a8f638a035b61c","sha256":"86b9a87224dedbeabd3767e9c7554ae29717a9eb7133be23addf231d6acb57b2","sha512":"8ce4348596237e3aaba893aea829bc4e6684caeef09e6294099a0720825ec173464f7d2e82c247106ca462ef31d51ccd0330e7f8c616fc6a690291f61e938554","ssdeep":"","tlshash":"a0e0f16e432db502e2a920937f31260c3431c1ff3b00c8c50c4c5d14288af9bfa39c54","first_seen":"2026-02-26T15:36:50.744806Z","last_seen":"2026-03-28T03:46:07.88586Z","times_seen":14,"resource_available":true,"data":null}},"time_used":602,"timings":{"blocked":241,"dns":1,"connect":104,"send":0,"wait":114,"receive":0,"ssl":138},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:34.936Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:34 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117036,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"796799c3ab2074ade9b40236944313d1","sha1":"eda02d569306594441ebdcd0456c8a45c1895fc2","sha256":"d1ccc5c2f0b2111165ea944f1d7395b847e665405e1fc3b54f993e1d87f9422a","sha512":"be0454aae6034d1b1fb4d2019559ec4083ef4718671e50011a51525a32c69bbf68069c2b3e72392c20b6ccbe7651a281979153d386719c4248c2b690900637e5","ssdeep":"3072:jkRe+7BlBS/f/sO3oVC/Unp/x5483zacUjAkHy2:jkRe+7BlBS/f/sO3oVC/Unp/x5483zaD","tlshash":"71b3e01863081dbdd7622899cd8b6fb615c4537fbfd8da42b6f8cac431b52ae212111f","first_seen":"2026-03-01T05:41:07.288256Z","last_seen":"2026-03-01T05:41:07.288256Z","times_seen":1,"resource_available":false,"data":null}},"time_used":74,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":74,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:40.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:40 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117078,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"cddd8679b6a8d5c1e0dffa651391b39d","sha1":"434df7442a26fba7af56236d893b3bb6a70e67a5","sha256":"768ebd38fd6862a6b5141a61906d41ea23109d14ba7fe8ac845f41135cdd9b0b","sha512":"3cd80ab6bd84e93967575dcfc44d6dab578c11254542678f530e88f8ad1bdb1ad49997b74af635ba09e19d7cfa02d87f66d00b421cae97761247081286fbcc84","ssdeep":"3072:jkRe+7BlBS/f/sl3oqC/jnpEx548kzauUjAkHyF:jkRe+7BlBS/f/sl3oqC/jnpEx548kza6","tlshash":"eab3ef1863081dbdd7622899cd8b6fb615c4537fbfd8da42a6f8cac431b52ae212111f","first_seen":"2026-03-01T05:41:07.289073Z","last_seen":"2026-03-01T05:41:07.289073Z","times_seen":1,"resource_available":false,"data":null}},"time_used":79,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":79,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.767Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 186\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":186,"data":"[{\"id\":\"df65f317-ec43-49d7-948a-4c524b093341\",\"qKey\":\"da53e521-177\",\"operationName\":\"setCoookie\",\"variables\":{\"options\":{\"cookie\":{\"name\":\"firstTheme\",\"value\":\"DARK\",\"httpOnly\":true}}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: firstTheme=DARK; Max-Age=315360000; Expires=Wed, 27 Feb 2036 05:40:24 GMT; Path=/; Secure; HttpOnly; SameSite=None\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1311,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"32fd8a744b8e979750f82211b43906a9","sha1":"fef27b491c1ce947ba97a25103f4df204a158564","sha256":"c05c596e1d1608c9e6c5e171941f5246d3fc945ab1e5cb39707038b619dba638","sha512":"35d3d51de9ba807d0466df7b5f2db02bb14796346e616399181f1c3d6702535dc560d79fae80c0ce5939a745830604f850490db9371c4b934df20d10377be9c0","ssdeep":"","tlshash":"5a21485c11900c7fc5471761e551fe84e3ac59e360d4fe7ea5c0df59a4f94a462228c6","first_seen":"2026-03-01T05:41:07.289807Z","last_seen":"2026-03-01T05:41:07.289807Z","times_seen":1,"resource_available":false,"data":null}},"time_used":69,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/app.6bbc76b4.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:39.002Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /app.6bbc76b4.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 252328\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Sat, 28 Feb 2026 18:27:42 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: nfqEJTSawYPZ0cIEaKzhMTGPpzGySw1i\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:03:43 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"7255c3ba2ec5ba7ab8abdae5821c4aa2\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 5819\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: fHe8E3eAzfB9GOO3DouzdEpR2NrptvAATbAIvgRuN04eXdlM9H0qDw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1118398,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65462)","md5":"5260772ff21379eef496cb789efe672c","sha1":"6f16e77b73f81fbe439bda1ab23c7164e4464625","sha256":"cfac07c7e934e970a5cc272668df7353f89e78455bfeb2e73f9f6be4fe8f9bfc","sha512":"94ed81d221863008dd22a4706aea55bb8f4fdd61d8781c8d2566890f651f982d64a8316335afa465b74a0d47b583a95d3b7cb1915b4e9d25ccf6f2ac2e56006e","ssdeep":"6144:/Bg2REkvRgCRrMounJFryWCzC8Czrz7Ca0c3ldNqCFi/duBA5q2aqvgKRrcuS7:/Bg2RnRgCNOnzrCvc3bbMlvaqgKH8","tlshash":"b325fac8b1d6b4289363a574407f100ef23fa949f58e4054f62aedd5ac7d08de227fa9","first_seen":"2026-02-28T18:59:38.311983Z","last_seen":"2026-03-01T08:36:40.616323Z","times_seen":14,"resource_available":false,"data":null}},"time_used":46,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":35,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/logo.CTzo9Wgk.svg","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.780Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/logo.CTzo9Wgk.svg HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 533\r\ntraceparent: 00-bb9a28f9c284374b04131d510953d88f-039f8e8843f41ab6-01\r\nlast-modified: Sun, 22 Feb 2026 14:30:41 GMT\r\netag: \"699b1311-215\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 494045\r\ncache: HIT\r\nx-cached-since: 2026-02-23T12:26:19+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":989,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c084e668671b35036439f1639690ef75","sha1":"9988516ab917ea62df37ef9136a9ee89da7e049c","sha256":"6516e9411efd44270ddd1ed1af1523a9c63a61a1bf29b697e1aac53302963b36","sha512":"edec61a2a75471788a707cabe122822827b51e7ae00390f54c00b36dc201a0885b035718ea7f4ec9b2e6344dc485b7d2182c142019daa3fd17f1cae14864a80f","ssdeep":"","tlshash":"0c1121eb861062bcab55afa5ea307416b10f547e3f4a86acc26c830014939d4e40cc54","first_seen":"2025-02-12T21:05:05.539064Z","last_seen":"2026-03-29T15:19:13.409426Z","times_seen":96,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/best-86.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/best-86.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 54547\r\ntraceparent: 00-5c76caa4d590b0dccffcffa4cb8de0de-35e78273870c5cae-01\r\nlast-modified: Fri, 14 Apr 2023 10:01:38 GMT\r\netag: \"d513-5f948ed5a416b\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":54547,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"84252d3bb3f7bec6a007a3dade8d84e4","sha1":"eef631d5a1527bc7bbcbd424b5272afb4386a96c","sha256":"b146039c094babf2ce8c0d5bd5af4a4d6b390bb2c4c33a60f84a3bd992230c39","sha512":"afdc61cd7f9d2d8013db82b4e36ff9a1e7c53089450d7af034334d4008e6d0c69bcf812cda8bef5bd28e9a803f25177c98e77f7fb39c02d64e2b0afb9b63779e","ssdeep":"768:krgkNuIumlYeh5C2pjoJAPHImabrjJjhwyWB0YgBA:k8i95uJAPoPjFq5V","tlshash":"7f336399e3e5a2e4e005f3f4c62ac8b63a632ef93912ce5583e56d55dc9102c49fdc83","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.415857Z","times_seen":74,"resource_available":false,"data":null}},"time_used":449,"timings":{"blocked":59,"dns":6,"connect":13,"send":0,"wait":299,"receive":31,"ssl":37},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/50305e4a.DB0LIsL0.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.085Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/50305e4a.DB0LIsL0.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 116\r\ntraceparent: 00-b0336b78c4bfdb78d8bc92b02e34ece4-c1e02a8319a6d797-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-74\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":130,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"907ac9cfb52ac014c83660d4594f9b02","sha1":"5f62003a8ba7c052178d800ce08eb6562f0ae699","sha256":"964d6f99fb6ca7eb121ca386b807fc661721b1a444da4b5a400916b938ab6d15","sha512":"c3ed4e2dd7b42ec2bd06630a5d156b8e4617f41b6dcd75c8b1f6156ad47ee7bfc4b7beb02310877519cc27c24fecfa92120acb26a9f4b678104e48ff1a282cbd","ssdeep":"","tlshash":"3bc02b5b08d0f377a694308ccd5c7e0480608002a80c03403040e438d1e0030510cc17","first_seen":"2025-09-07T05:29:21.958659Z","last_seen":"2026-03-29T15:19:13.396394Z","times_seen":35,"resource_available":false,"data":null}},"time_used":68,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/769087b8.d.m.ITzlo9tB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.580Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/769087b8.d.m.ITzlo9tB.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3511\r\ntraceparent: 00-11fe4caed7373e59439c009ecfa917c8-95ab07596b47ca79-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-db7\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":9548,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (9497)","md5":"a97b2ac14757f4188da0ec0ef2783734","sha1":"f609d1ed485daf753a305a91c8cf30f8aa82a2ba","sha256":"1ce54bfd9a8ef9a74e095ff20438dd261ed146d5bd74ba3db0714760b55690c3","sha512":"c85cfe94e20f8fd9a422a0b6b5be3eac8966046a92fa141f0cd12d63cf62bf5f3d24a69f538527689a25c0b439e0c5728e414292481ff01d099680605d26b4f9","ssdeep":"192:AULK5rHvInYEbNRMNVLAi2JVWUwTwqjkW6JLRvpsJY:NOPInYeNRMLAi2KUwTwqjkW6RRxsJY","tlshash":"d912c5cd73d1fa7252a6a9a5203fa006bb7f66a9681c4420d14dd4c13e7588fc933fad","first_seen":"2026-02-26T15:36:50.748248Z","last_seen":"2026-03-08T14:14:44.173525Z","times_seen":13,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-tv-1.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-tv-1.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-842938e4de75b656b0291d86f8ffa5ea-475992f71dc62f99-01\r\nlast-modified: Fri, 19 Mar 2021 17:11:17 GMT\r\netag: W/\"2bc-5bde6cde231b5\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 256197\r\ncache: HIT\r\nx-cached-since: 2026-02-26T06:30:27+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":700,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"78201370f184cfcceb67ba6d353d3c5b","sha1":"5a291d4ffaf0fdb05027782eb86aa1913c2745e9","sha256":"7e67ee52b9a022aa7601e1a818cfa91bd7bd9dd4d4e677e24891033ed87b9b61","sha512":"939781d469961267ff6baafc61a97c0224eb50a8d12f76be9faeca4f4f2f92922cea90429b5f64d0622870cdbdf9310d14b63da2c1b0803545b9f6bc40f1f385","ssdeep":"","tlshash":"ac012397d15c4a89ba4bc368dd0bf435709c30f745f3d0209142eb7674991da3c1e9d8","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.432094Z","times_seen":66,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/fc6a7b48.d.m.DOc8Mx96.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.249Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/fc6a7b48.d.m.DOc8Mx96.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 21043\r\ntraceparent: 00-edfa87c35b17baae3874f3c0147e2f06-fc45360a44e98a45-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-5233\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87175,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (65535), with no line terminators","md5":"20619cf11d293e11659c8a24db7a6e58","sha1":"7f11484d826f718140938466063e8031030fc5d9","sha256":"25bb3ef5025be8c8baf6bf1f82718ef46bc293918c78bd3e78a3e5f8f54a8f43","sha512":"646000872b6718daf80cf9ca665af347d89c0bf38f14cbcbda9b7e7326df546b7276e36a72d9cec73bb56aa77443a460693192b24091230cc40f00e2dda7c7d4","ssdeep":"1536:qmBFJ/syhY6fn9T5pyuPXGWjdNcMGE+m5e1iAmilaPUCd0KbZhsCv:qmBXET6fh58uPGEdpGE+m5vs80KbZhP","tlshash":"90831909f4054dffd6a7c219e81a0081e5a80b9571a85f41b6ff0d3f6bd98a067a738f","first_seen":"2026-02-26T15:36:50.684865Z","last_seen":"2026-03-01T05:41:07.295169Z","times_seen":4,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":170,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.906Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"36354926-b542-463f-b989-ed063e44360d\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2852,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"7fdab894627aadf8bd43a17de03c1b81","sha1":"33af813aeb13c04928be50016cda6abb8d9f64c1","sha256":"24ecdcfbbd590aacc1882d1ebf6ac32b38b47b95eae4c1dda4336e36f62aeb66","sha512":"4a59a8684a8b8e6406ee365d7945121256b23c48a7be509dc8b7063ef6c844fe5bcb0d1479360be6d1245d016ae45fed5291ccd76b02fee70d3774987b926432","ssdeep":"","tlshash":"a851629b078c1c7ed34a618a78bf3925285e2027a6c1ef58629b4f7832f4e7b413305d","first_seen":"2026-03-01T05:41:07.296048Z","last_seen":"2026-03-01T05:41:07.296048Z","times_seen":1,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/wa/collect","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.898Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-2/wa/collect HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nContent-Type: application/json\r\nX-App-Version: 6.131.3\r\nContent-Length: 46\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":46,"data":"{\"metricType\":\"VUE_APP_LOADED\",\"value\":\"1973\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":94,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":88,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0","fqdn":"o237537.ingest.us.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.160.81.0","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.465Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C4:C7:A0:3C:30:51:F2:AE:98:2C:88:9F:C7:8D:24:55:ED:C3:34:BD","sha256":"78:73:F7:3D:EE:58:1B:F8:9A:1E:17:AB:A3:70:00:86:76:EA:4E:AF:AB:F4:7B:34:5F:FA:39:D8:3B:5D:F4:B5"}}},"request":{"raw":"POST /api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0 HTTP/1.1\r\nHost: o237537.ingest.us.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 419\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":419,"data":"{\"sent_at\":\"2026-03-01T05:40:24.461Z\",\"sdk\":{\"name\":\"sentry.javascript.vue\",\"version\":\"10.36.0\"}}\n{\"type\":\"session\"}\n{\"sid\":\"688122d33c374ac1a41b95bc5e4c319d\",\"init\":true,\"started\":\"2026-03-01T05:40:24.460Z\",\"timestamp\":\"2026-03-01T05:40:24.460Z\",\"status\":\"ok\",\"errors\":0,\"attrs\":{\"release\":\"6.131.3\",\"environment\":\"prod\",\"user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json\r\ncontent-length: 2\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-04-04T14:49:43.141813Z","times_seen":554336,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":107,"dns":15,"connect":25,"send":0,"wait":54,"receive":0,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.684Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 635\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":635,"data":"[{\"id\":\"767e8f21-a0c5-487c-8ce1-44cbad9ea8d4\",\"qKey\":\"297639d9-745\",\"operationName\":\"getPromotions\",\"variables\":{\"options\":{\"categoryId\":\"homePagePromotions\",\"categoryType\":\"CUSTOM\",\"ts\":0}}},{\"id\":\"236ca99b-1685-4056-8730-b1327b6222c2\",\"qKey\":\"10186d6f-1473\",\"operationName\":\"getEgsGames\",\"variables\":{\"options\":{\"type\":\"SLOTS\",\"limit\":50,\"isJackpot\":true,\"ts\":0}}},{\"id\":\"f61b2263-ec0d-4bed-a5ef-8854d940e86a\",\"qKey\":\"39df8872-1248\",\"operationName\":\"getBanners\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"7127fb44-a32d-4691-89e7-6f32d10641c7\",\"qKey\":\"6352b886-793\",\"operationName\":\"getAvailableForms\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":198190,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (64221), with no line terminators","md5":"5c7724fd23f63e8f87ae320ab97c98e8","sha1":"21a7ac37eaf41bee7c575386baa2689bfb87aeaa","sha256":"e26162de849a4828415491a9c225e047c3aba2d35076b5df571b04d26c3e9115","sha512":"b3bac59e9a1ca758ecc131ce56089cf676f7464f36a40906572198e223fa45f2669d30cc414855b59dba9e69432494b2a120926476f931bd7ddb4b28d33b281e","ssdeep":"6144:A0j4lhJBP+xkZaRTKtQ9uw2RefkDrP+xkZaiDa9gN+17S1YF2lbyV4lWOovUBOdb:3V5","tlshash":"71141c7b5a9c783fc3c993853cbf3894a20f34177680eb64a66e596542f4dfa203219d","first_seen":"2026-03-01T05:41:07.296848Z","last_seen":"2026-03-01T05:41:07.296848Z","times_seen":1,"resource_available":false,"data":null}},"time_used":110,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":110,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/sunSw.DL-onBB5.svg","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.372Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/sunSw.DL-onBB5.svg HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/assets/faffda3d.DFhj2As1.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:26 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 240\r\ntraceparent: 00-b6121af4beb63ad8ac33c8ff0d793061-6b61b09f9ff10a79-01\r\nlast-modified: Thu, 09 Oct 2025 13:06:09 GMT\r\netag: \"68e7b341-f0\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 11592459\r\ncache: HIT\r\nx-cached-since: 2025-10-18T01:32:47+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":364,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"b0811eb7ab652dc7ee7bee06fed53671","sha1":"1192b619f776177819ebc73c6f6f31b11b891d24","sha256":"0565ef51f5934a1fc6f8a6e25f958de335b791559e5e0c100b2649acbe64f92b","sha512":"89bdfee5cd795ad373e227320ee5ad9b5509e9e1321726170fd93642d694389df569212784af41ed18a6a21f578507ea65d15cfe5d599e168ed956eae70f4ac9","ssdeep":"","tlshash":"d8e068d34b0af6ac92418636d9a83ae0321e64aa107420a8846e05a020569cee207ce8","first_seen":"2025-02-07T04:57:00.938579Z","last_seen":"2026-03-31T00:45:46.258466Z","times_seen":105,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/92bec47e.d.m.D4KO6kr0.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.026Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/92bec47e.d.m.D4KO6kr0.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 56957\r\ntraceparent: 00-8c7480f0d9bc47a7ce69e725a1c17207-e51c2493f4dad5af-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-de7d\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":334047,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46740)","md5":"3e80b62b63584e93c1b5fe707284ad9f","sha1":"55cacdc637d5eb4d13274e71b10ba838aa2d0cae","sha256":"46a589027f497a9cc9e75c6a18e0324d933370fd5282ebdaa98f5083ca9eb7f1","sha512":"a08e2735f864922a8ad05f6c4355b4bc9cfadd3405e9048bc9df98b7361c739434cde61fa216631d3a6fd10145c14fcd7f8e1eb09a407b07d56ecd2b55992d17","ssdeep":"3072:dpsacLVJ7lQAIToVpH7RrfIY/RfuRgmsSBbo0ftRIN3xMi8:6jplrbRn+bjftRo8","tlshash":"9064e58d72f86bb5458370f1b63e1932b270e013340c4d993d9d22959fa6618eee6fb4","first_seen":"2026-02-26T15:36:50.590224Z","last_seen":"2026-03-01T05:41:07.298181Z","times_seen":4,"resource_available":true,"data":null}},"time_used":18,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1c32793.d.m.DN-8eFVP.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.432Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/a1c32793.d.m.DN-8eFVP.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 24991\r\ntraceparent: 00-2b8ef10072500a23169186c0bc3accb5-71e57e4d355bac86-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-619f\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":137728,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65140)","md5":"f4c8beb847bec8b32080fbe0465ad2b1","sha1":"9908c3906420d1855735d9aaaf8eec2413f1a64b","sha256":"1804b35bee04688257b2ee5b062af180ec65278dbb4b7e7bc1e8409dadb1b720","sha512":"b89e8eb5632cd7762259ee9fd1d7110d9f5eefa37a9a91c7d8bdc96fb71c48a4a73b4ac0cacc2cb334630ca63426a7fed881e31eebc8ec55014af17d9f5a3f20","ssdeep":"1536:vQBzCBghYNXKX7+U2XnfpB1kAX99rCU11iygQlqt8N4IB3bZz:IhRh0nfpB1kANeQlqCN/z","tlshash":"85d3a55b56442cfb4a700e2e5b6a76f862334c94fe52c03391bbab3d3f6b106f11a195","first_seen":"2026-02-26T15:36:50.616873Z","last_seen":"2026-03-01T05:41:07.29888Z","times_seen":4,"resource_available":true,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:27.029Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:03:02 GMT\r\nexpires: Wed, 24 Feb 2027 20:03:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nage: 380245\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-04T14:12:40.664151Z","times_seen":3204,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f611dcc0.d.m.DcDVP0x5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.020Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/f611dcc0.d.m.DcDVP0x5.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 3582\r\ntraceparent: 00-54231b7c8618b04c9ea42407cff5c43b-edbd8a6a73858927-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-dfe\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":11786,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (11735)","md5":"93324d0d8a837dd12bd59d339215d47d","sha1":"20d5df564e767b7386706e0d7e6f517cc2030e73","sha256":"f0cc3b3e04a6d8cbc9db97932c8c9980a851338bce36e83b78885021b6893212","sha512":"331905efc6c9b1a4a5a03837067a761fe215badd2f50bd6c70429ba270f5e9347b5cc480020da96ec4c5d8b4e4d967de712d29adc771df41997c29f5c634ab9b","ssdeep":"192:kXl/6ZpOIWZt7IIZpOItZt7IBgs8NsCbyB3MQumu9ACSCkHCSC2RCtCiCVC7CNCs:mCe/FvsOyB3MQtu9qDj","tlshash":"d132349dff6860b204939855826c70c3c5ad94a0a2352fd1940d1ebafe9f561633fc7e","first_seen":"2026-02-26T15:36:50.733705Z","last_seen":"2026-03-01T05:41:07.299978Z","times_seen":4,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.199Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 13:47:54 GMT\r\nexpires: Thu, 25 Feb 2027 13:47:54 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 316350\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-04T14:48:47.330717Z","times_seen":62274,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":67,"dns":4,"connect":8,"send":0,"wait":9,"receive":10,"ssl":47},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:29.200Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMaxKUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 20556\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 12:15:04 GMT\r\nexpires: Thu, 25 Feb 2027 12:15:04 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nage: 321925\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":20556,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 20556, version 1.0","md5":"8feefe1e602c4b14ff414a77c3af2c2c","sha1":"e57daae78e76c8944e97edecfa656f8608e09db5","sha256":"2addf2d86d7a5778653b36d551e97a39da52855f82fac7461cfc1bd86d460aed","sha512":"893f9695ee887eed00246f24d4ec3e17ed64e2af4fab055f951795f50d34f3685aafcfbda943060a132c42169d2ef5c99d3db4fb901d57a09e712b4ff02afd92","ssdeep":"384:tpv6fcCujSd2+uNZ0omwRnNPqfWvx/CldKV8D2w9lQXL79Ci5q8S/USM2BHRpWp6:fxC0So4wRhx90K6ywQLIWS8S5By5AR","tlshash":"8792e056b288746a77e4e3ecc859ae6c65ed9b0f0c1b15b909322122f196c4734930f9","first_seen":"2026-02-19T22:35:21.90447Z","last_seen":"2026-04-04T14:25:29.81262Z","times_seen":6604,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/d1610888.Zz91Zmdd.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.205Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/d1610888.Zz91Zmdd.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 3892\r\ntraceparent: 00-26717829db860b278146bd482c781767-8a099a6685a4e801-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-f34\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":22987,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (22986)","md5":"72bda927578b5aa7dcb8a5f16e2485db","sha1":"123538bf37d8ac1034de00633da3c254090d25ab","sha256":"14b7a03c801bac68f96425f2063f7518368964f93c48cf93242dc5920bf3609c","sha512":"67468312135ae0cbc84132b9e0238bc5beeae3f32b95086e0278c11e54938f985dce5c2a900c41a8985258021e3044a35d6f8db63b6429f981723d3b532c36d9","ssdeep":"192:+BMmdvKyAFB6C5S6elpt5DV9829gSm2hd2HaBEQpPL+2P2gtxvfTQlBltomDFyK4:No5GB6Cc6yuEvfrKEXWWl","tlshash":"11a253ace290a13aad27e53bd398c6cc6314e980fd52db65f312712984cfee1077d949","first_seen":"2025-02-07T04:57:00.60814Z","last_seen":"2026-03-31T00:45:46.166838Z","times_seen":129,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f7cf2aa7.d.m.Cn0zlC22.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.576Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/f7cf2aa7.d.m.Cn0zlC22.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1702\r\ntraceparent: 00-5ff67457175e0b6e66bf19a073a907de-0e8664f7eef59f34-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-6a6\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":4284,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (4233)","md5":"b947ef62a7f91df66c383c7f603a51b0","sha1":"54afbe339cf9ad8e4793d3c4e7447cbd1bc7c10d","sha256":"e3b74989ba78a34e873ea7d3e98f3bf9f832584a81de6a23f942862bd7a40857","sha512":"57d2873fe2052ecf8404ce5b2144f76e8b068209ee27c12f593f009e80294d0832fb463c354d5ee365ca6678393d02f0474ab22bbae7dc653ed3be14c448f7a5","ssdeep":"96:kaqcNxpuDF0s/ahcpbjNFpFJRJ3qkdeolh58Q6ud0/bLKCRXxBL:kanx0DGRSpb/pxJ3bdeolh58ad0TemXf","tlshash":"5e9184de76c1b4b997b764e590bb710160291c94701e68e0e12ce6e77e329dfc621f1c","first_seen":"2025-04-24T07:07:12.664409Z","last_seen":"2026-03-31T00:45:46.22582Z","times_seen":99,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/bdddc725.d.m.CbaoAvak.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.503Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/bdddc725.d.m.CbaoAvak.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 9904\r\ntraceparent: 00-a3300541ca859cc1f8711e9583b5b908-6286da33039186fd-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-26b0\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":102084,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"4f50ab4bf71c1e0599ee1a112ad1b96e","sha1":"b10366e0a4a2b4e766ed541d791f936757469047","sha256":"7390da77fbc02ccf8e430bd67f2f52f2a2e03e25d0cb3f56ad3c269b767588de","sha512":"456dc692e6a5653c4e2f22b7616bc8ea7f2e1e9a20ded561c13af57b46a4c4753c5744c0900a6648950c21dbb9259a5658159fcf401baa140fa251e86cf545c1","ssdeep":"768:JIqYS24IJKuqaVS+1oK/WbE4JVNfphlffYzKr5RU2mkU:JxYS2zg3aV5/EEUh5LW","tlshash":"cfa39d982654ed6421b6be82c809d541f4cc4a16fbf8f8e2f75bdd8c154198e33a0fa7","first_seen":"2026-02-26T15:36:50.593664Z","last_seen":"2026-03-01T05:41:07.302931Z","times_seen":5,"resource_available":true,"data":null}},"time_used":122,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":121,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/frame.7b630468.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.887Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /frame.7b630468.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 246341\r\nlast-modified: Sat, 28 Feb 2026 18:27:42 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: H9muxuAx0GrAOtfJ1LamaLiNP4DKDLFe\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:07:12 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"5a4e967bdfe4739b86b02c53787dbe0d\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: Ya6GM7uETdLZ-pJDdKgtT7tcGey8-Pv4qvNkqW3bt3ftNQprs05aZw==\r\nage: 5600\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":1164568,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65464)","md5":"c35d389a97a70dcbd346419e463b5326","sha1":"8a6ba8d155d89cd2df6f45e7b2fbc82bff5a0c3e","sha256":"0cf562d44220a806e50cdf010a6b751c7d421e7c8515927185a0514e121da5ef","sha512":"31eb9e3d9cde028ccd2c65dd79529c825974bf24552520e316e7501a6a85b3eb07f75b59a98f4e5e2be476bd8d725f1f94e58152cbb9a0bead66f16c3bffb4a8","ssdeep":"12288:wiCSeXM5xorZQ+fRnlPGdaTEZBsaNuu8wib:tQNblPGgisae","tlshash":"3425b5ccb2d6f06a43976575802f200bf33ea999b54d8050e629d8d1bcb958ed237f78","first_seen":"2026-02-28T18:53:26.760124Z","last_seen":"2026-03-01T08:51:11.119053Z","times_seen":42,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":43,"dns":13,"connect":8,"send":0,"wait":10,"receive":32,"ssl":19},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/510c96b3.Cej3-qGF.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.179Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/510c96b3.Cej3-qGF.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 1305\r\ntraceparent: 00-d17e5f4d79ae8ccfbf8f62aa25b0cf52-e266e410a5eb37bb-01\r\nlast-modified: Mon, 16 Feb 2026 10:20:06 GMT\r\netag: \"6992ef56-519\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 1024643\r\ncache: HIT\r\nx-cached-since: 2026-02-17T09:03:00+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":5314,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (5313)","md5":"33dc465596a41c508994344c0fd027b6","sha1":"d41fdf2a22d8afa3d2155b5a29bf06522757607c","sha256":"4dc0d05881c887f4fe7e9be5cd642dac6138178e515aecdddb046fc16dd20675","sha512":"399cdf917b4e6f3ef3746e5d65114ebad72c9a869975db1af78187819b02825bd5d842543030e6035d1ea884d7fe8374350c359dde5a638e8bfc8899f8a90daa","ssdeep":"96:Zy7KC0+csvyz1CW6PjvdStPecRdpxvo0FYInz:Zy7KClyz1C9PTd8Pec95o0FYInz","tlshash":"69b1bfb7b5a0312cf5320d03b4444b8b7d84ed0bbbb29d85da67ed298e351af3a601c5","first_seen":"2026-02-26T15:36:50.753547Z","last_seen":"2026-03-08T14:14:44.174132Z","times_seen":13,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/eda0a406.d.m.DtohOhMp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.419Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/eda0a406.d.m.DtohOhMp.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 7669\r\ntraceparent: 00-928220a10d154167105a5c925a707be7-7898407f79913394-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-1df5\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":25756,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (13622)","md5":"17254bb957af303509597b0b856eedd5","sha1":"062e171c630f4ea76f5c97ac8e9ff7a0b4c41579","sha256":"7a1f977010619685125c16c179cae2c598cc9f3534965c67b494c48617b6b044","sha512":"cd72a1fc42c7db46c94fa513d15e730a992db793596e9ba63e3330cc5ca16dd43f1530d33286c27f3d01ae5b609c2c9f247801bc4a30ab3be5eb8e45c3284846","ssdeep":"768:k+ovhCB7Vsfjo7U9qoWuERqNPNMGkNmw+Eokqss4erb9W6zkwgDBjVZK:kBUfooqNtZQoaI","tlshash":"7dc2f9c1329272b1834684f2e6320253e33a65547806a8bd79bd75db79c1d87ab73bf0","first_seen":"2026-02-26T15:36:50.685699Z","last_seen":"2026-03-01T05:41:07.304451Z","times_seen":4,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/64da48c6.Bzp1FI1x.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/64da48c6.Bzp1FI1x.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 3440\r\ntraceparent: 00-428b0b7b699f2055c7c3e7f2f8885376-2efccc2d25fb1270-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-d70\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":16893,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (16892)","md5":"b9d3ba5bc1e4191e3b360bda8e20bb02","sha1":"72ff12c681a8bf2c0ee48691048c92a7061f9f14","sha256":"7ff83136ad4b2a4df5c3d122a616cf4d761ff70fcb45a5043d789fc4abfb77d3","sha512":"78855ae1ac7b29ec757e32a6cedcc912d9f05bffd3d95c9bffbe96fa33a0be552aea46bf4cdf5f2f1c289b34b299fb5f075feaba01e268e21f75e10075a123c7","ssdeep":"192:Jw7vLZ03o2kZVz80GJCRjMiS7cZmn0A3tMHWbkRnHOp8Lv0wzJzY7gToDx:K7vLCulGWJDJRWwzJzWgToDx","tlshash":"a07295d50d64367abb3bb11fd6e29a0ca21ecc46da932695b6e1e12c43c638192f3d04","first_seen":"2026-02-26T15:36:50.740583Z","last_seen":"2026-03-02T20:05:03.693308Z","times_seen":6,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/12-2.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.886Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/12-2.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 165042\r\ntraceparent: 00-56544d55e42ade41af1f3013018ba24a-ff20ce7b6460699a-01\r\nlast-modified: Thu, 10 Nov 2022 08:55:39 GMT\r\netag: \"284b2-5ed19effd3324\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":165042,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"29ef3e1b3145fe7b6a77a486cab71bda","sha1":"3bd96f0d228bc68dc4e87c39168540ff5a3ae9d1","sha256":"5470f7fa02f991e3f8b943d97e190f4f4753ec155e3c7924809975d3716a0b8f","sha512":"c46f62a288e3d212594354e96b8f7d2dc3c4a631f9ee240d87a96cf7925a6cf020c85814e04fcafec2c0fd376eb01190753f7d19e613e524ca57c8ce58bdad27","ssdeep":"3072:KlKYsaeeaeZRg2CJ5lEZ3eZIVvTeXlDz0O3Ear749g/v:KoZaMK3wIVKXlDzgar74Qv","tlshash":"b8f36a3b1d9cab8e33721c6ecf07147d3d8d64edb24081df649fb5dae2928509a25da0","first_seen":"2025-07-09T00:32:09.348151Z","last_seen":"2026-03-01T05:41:07.305669Z","times_seen":5,"resource_available":false,"data":null}},"time_used":488,"timings":{"blocked":75,"dns":0,"connect":12,"send":0,"wait":270,"receive":64,"ssl":53},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.787Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 139\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":139,"data":"[{\"id\":\"5c387006-d794-4217-94cb-ccecb39c5e3d\",\"qKey\":\"9ea32f24-159\",\"operationName\":\"getCustomerStreams\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":267173,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"b3bab094d33f6d74a8da5d1059afbc78","sha1":"7a57ff1fbf3e060b74e8553948042d23f9c0cea4","sha256":"aec843894afebf254bc75fffc10e8860492d4ee29a9906be882666f93f5586d0","sha512":"05c33fa3175c7cf7d9df720fa1ed621171a00fe3f81ba6e119ca776b03b73430d94fe9880c20068c70a9a3725533011a4211fa37b064ac32204673c6ba7b1221","ssdeep":"768:176MVdVA3B1X9ur8ZYAwP6JsbmkcLPOdstePwhSTbJ6bnwErX6JbzEV8ZKnkTO4T:RWfInd3DuOBqZcymZoLCmLn+nEK","tlshash":"8c44b5a8eb1f582f741ba19e07059b61262671bbbc2ca150d96f7d9870fecad7035c03","first_seen":"2026-03-01T05:41:07.306407Z","last_seen":"2026-03-01T05:41:07.306407Z","times_seen":1,"resource_available":false,"data":null}},"time_used":86,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":86,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:35.870Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 139\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":139,"data":"[{\"id\":\"6eec9631-826a-4345-8046-44b92ed624a3\",\"qKey\":\"9ea32f24-159\",\"operationName\":\"getCustomerStreams\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:35 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":267328,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"ce086c9e6d25201399f0c5b2bc71d780","sha1":"ed40f04aec3dc72fcd0cea322c560c914dfdd266","sha256":"c8b287b41b282e2ab41559efae0dfd008671e0c4dede78ebd03b43524e580f63","sha512":"15d8fcc6821efc3a609914dd175147f538cadb9804ca8bc8887a4fa076001945c452aeb09b6e465914c29435ffae19b846b0b8a45f1ede3af0f10cfe12f0b794","ssdeep":"768:E76MVdVA3B1X9ur8ZYAwP6JsbmkcLPOdstePwhSTbJ6bnwErX6JbzEV8ZKnkTO4B:gWfIndgDuOBqZcymZdLCmLn+nEK","tlshash":"c744b5a8eb1f582f741ba19e07059b61262671bbbc2ca150d96f7d9870fecad7035c03","first_seen":"2026-03-01T05:41:07.307164Z","last_seen":"2026-03-01T05:41:07.307164Z","times_seen":1,"resource_available":false,"data":null}},"time_used":101,"timings":{"blocked":9,"dns":0,"connect":0,"send":0,"wait":92,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/wa/collect","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.220Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-2/wa/collect HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nContent-Type: application/json\r\nX-App-Version: 6.131.3\r\nContent-Length: 47\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":47,"data":"{\"metricType\":\"BUNDLE_LOAD_TIME\",\"value\":\"258\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":71,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":71,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/moonSw.DTmx5t_S.svg","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.374Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/moonSw.DTmx5t_S.svg HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/assets/faffda3d.DFhj2As1.css\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:26 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 209\r\ntraceparent: 00-9615e088521441d68946053e5787484c-358c51a99c124586-01\r\nlast-modified: Sun, 18 Jan 2026 17:39:13 GMT\r\netag: \"696d1ac1-d1\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 3522486\r\ncache: HIT\r\nx-cached-since: 2026-01-19T11:12:20+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":326,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f673be269667167e50ad29b3c8d4ca22","sha1":"1884d32e417962d76ad00b4b342243ee5c5ee813","sha256":"1248692f89afc35d90d402e22d5db4ddccd51391372bb1db5ecc317385255fe9","sha512":"0d12c27d1bcd3109bccb82f486e6b817aa7f9c14290c8979d68d4ddb5b8443f7c73a83d478cceffbd14e6aa8c83437863b4befabcbaf2a7a492c946e7fb4acca","ssdeep":"","tlshash":"00e07df24689880c342bcd72575146a523cf00fc346808e6d5ceca7af0c7a94e61bd44","first_seen":"2025-02-07T04:57:00.93733Z","last_seen":"2026-03-31T00:45:46.273576Z","times_seen":105,"resource_available":false,"data":null}},"time_used":11,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~locale-ru-json.9a007ed9.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.955Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /vendors~locale-ru-json.9a007ed9.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 25277\r\nlast-modified: Wed, 25 Feb 2026 22:34:04 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: iF0lpVs3IVoWrI_w4FmLxZ3hE.mwaN4b\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:40:30 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"61e2de074a1059619690d02e3f217c0c\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: tvSMyjSQiYm5Lkmoa7QYvAoT5p0pw_MTxZb_R-EqHg3oOcTiP-7arQ==\r\nage: 6903\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":113112,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (46303), with no line terminators","md5":"b3b3405e0ce3a012472cea812de0de11","sha1":"e6608e04a01f3c3c36d35b422deb6065b6593966","sha256":"6a8edc536a4b81ab8506a2af5e5637eefb5b92f8f9e16f33075446109f0ac813","sha512":"d126b11434a064f9de0e3232baf306e3fed1a1957ed5a31408f579e982410570b79c178b6d5e8241d2dea1a01c573ecdcf2aee8a88a742b3816987c1a584b2f2","ssdeep":"3072:L9Br/fmoQP+2LHC4bJt6SeiUQKXlWyTbAWfPkcPzPGWIdVRY/SMDkgvW5P4W97I+:L95/fmoQPni4bJt6SeiUQKXlWAbzPkci","tlshash":"12d310199529a8da023f6467f8043f897ef5c5feabcc461b197c9b3d24d93e0c13a246","first_seen":"2026-02-14T18:25:29.942588Z","last_seen":"2026-03-01T05:41:07.308458Z","times_seen":7,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/oswald/v57/TK3iWkUHHAIjg752GT8G.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.211Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/oswald/v57/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 28488\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 17:21:40 GMT\r\nexpires: Wed, 24 Feb 2027 17:21:40 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:46:11 GMT\r\ncontent-type: font/woff2\r\nage: 389924\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":28488,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 28488, version 1.0","md5":"22c3b00d2e65fb2c876a292423108958","sha1":"3c61d84659817fef687045bbfa0e1da9568e164b","sha256":"bd73278ee0c50041b91b4c03d1229e35b501637f46b6409e7da2d3a758446ea5","sha512":"33954d8a7ed3c87b3af8577bbae9439b9efba2a64445463d893681dad085bb8630d31c995ce010510a9c732926017dba9d5fd5002d0000ec1488b61889d6ddfe","ssdeep":"384:jlzdJfoB5YJ2kG1CdQegm8m00xr19KB668/BOTqE85gyqvPA34uEomcGvpMwvg84:jlzdyBzhIb0u1QB6vBOv8uvPAovJCs4","tlshash":"cfd2e0195e9673efe4552d3ea830affe91e32aad30507162c5db6c1155c438bc8e4ec4","first_seen":"2025-09-11T19:05:43.498829Z","last_seen":"2026-04-04T14:47:10.838637Z","times_seen":18132,"resource_available":false,"data":null}},"time_used":148,"timings":{"blocked":63,"dns":1,"connect":22,"send":0,"wait":13,"receive":4,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3yUBA.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 43136\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 13:47:54 GMT\r\nexpires: Thu, 25 Feb 2027 13:47:54 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:37 GMT\r\ncontent-type: font/woff2\r\nage: 316352\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":43136,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 43136, version 1.0","md5":"665db5e157d2138835c4037c971ff3a4","sha1":"41ca6b7e4818eb81531d8006ff7ddd971c640879","sha256":"1404ca348bd75ef836f4dd8b6f2cc719458642d1237c368296b2fc652dca47dc","sha512":"6c999466673c9873b1b112d6ab95c7cecb99467ea156e3e046b54c5f3d109c3845b05cbb2a0245d178430c7b2ceacd5110f7d8faf7e041100f44852b0c29fe9a","ssdeep":"768:tMTmVhyXCrekkraPAjrWMMWD3UJmw0FRwoglekm+hQ7//geceSF/mEQBPMAmDu5:cmHkCrHvPAjrWMMI3UJswogl4j7/hSlW","tlshash":"f9130231eb70ee59962c903454e7fda9433b1457d731aca80e99a1ce6f8103454facec","first_seen":"2026-02-19T22:27:43.350598Z","last_seen":"2026-04-04T14:48:47.330717Z","times_seen":62274,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdn0.match2one.net/tracking/m2oe.js","fqdn":"cdn0.match2one.net","domain":"match2one.net","tld":"net"},"ip":{"addr":"172.67.71.164","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.475Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"match2one.net","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Sun, 11 Jan 2026 17:42:04 GMT","end":"Sat, 11 Apr 2026 17:42:03 GMT"},"fingerprint":{"sha1":"20:25:E3:91:37:36:57:45:FC:53:D0:0C:9A:A8:2F:DD:65:37:90:14","sha256":"49:B0:09:D8:05:A6:92:22:02:6B:98:D3:08:62:81:7C:83:1E:DB:43:24:F7:E2:E8:5F:E0:F1:9C:1A:C5:E4:78"}}},"request":{"raw":"GET /tracking/m2oe.js HTTP/1.1\r\nHost: cdn0.match2one.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\ncontent-type: text/javascript\r\nx-amz-id-2: b9vbybQ/rgRzK/X1ew0BoHyP8NhmQVOTKpCZtgNFWr2hatQSdfX9nKYqjsprMwjv3D8JN0fANwE=\r\nx-amz-request-id: JJ66B1CQNMM1RQC0\r\nlast-modified: Thu, 18 Sep 2025 07:53:55 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nserver: cloudflare\r\nage: 4375\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=cPEfcmLkby9VU7QzHlbmr9yRL1GN7Kyb0FPY8dHgRjiuS1NOod88u3Tsg8BXPyPf8L2pJOYtk5INvHs%2Flvd%2BzJwOKqvfA6%2FxFPZJkwqKCMpNy5K9UA7c2dpGObgvdz%2FN1VOauXA%2BdxU6DahXD7YxYGFTVUo%3D\"}]}\r\ncache-control: max-age=14400\r\ncf-cache-status: HIT\r\netag: W/\"76401bdbcf3ea72cd04aa2d225f6bccf\"\r\ncontent-encoding: br\r\ncf-ray: 9d55d3ca8aa30daa-OSL\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":5052,"size_decoded":0,"mime_type":"text/javascript","magic":"JavaScript source, ASCII text","md5":"76401bdbcf3ea72cd04aa2d225f6bccf","sha1":"dbc688e11aa8d9f93346a4821feaf3dbec553154","sha256":"a9420087b1c4f37a5887f4c27a8a83a758932a1a62fb5a37c082db5ce00afb09","sha512":"96523727c305ffcb97058d6156fe3c97158979bffd0c9cb980085a39ae326a102c1ed8fc7cdb4ab101d082bc391216ff4bca98fcef59c8d98a8e2607ce90fa84","ssdeep":"96:uSwHeEvVaoXsMiCMw7I3iCa6ejkhdfB+mRRKyRpVGtSu:Wt8CMw72iCGjkhbHRR5VGtSu","tlshash":"1ea12f1936fb62b304eb64694b8f2031713c579b305a89007d5cbf101fabc659a9bfa8","first_seen":"2025-11-12T23:10:11.563014Z","last_seen":"2026-04-04T14:23:33.261591Z","times_seen":367,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":16,"dns":4,"connect":1,"send":0,"wait":8,"receive":0,"ssl":12},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.710Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 475\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":475,"data":"[{\"id\":\"dbed4e36-c543-437a-b0a8-5d13cc89b6ac\",\"qKey\":\"0956b97c-118\",\"operationName\":\"doSaveLog\",\"variables\":{\"options\":{\"appName\":\"@frontend/web\",\"appVersion\":\"6.131.3\",\"level\":\"WARN\",\"line\":0,\"column\":0,\"error\":\"[shield][success] {\\\"session_id\\\":\\\"262adc80153111f198ad69b297a138dc\\\",\\\"helmetId\\\":\\\"5a96d223bcf50629a1d9fcb2c4c3934f\\\"}\",\"file\":\"\",\"url\":\"https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\",\"ts\":0,\"stacktrace\":\"\",\"payload\":\"\"}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":131,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"4278fcd263eb8ded86dec8383d4277e6","sha1":"7e03a26eeb6549893aaa4ab41a9f892b6b8cfa29","sha256":"aced6b9815b4e98ee268e204938441e8b7edd9dc8f27300b11a9b5cc9219d9a3","sha512":"e6ff9787b0fd451fcf2543a5cd08d47665a8a1f10b9ab7f486f6f53621658090028c191e5d15417969a996e775192b9a7e0c7eb905cd95cef6ba01ca874e83a7","ssdeep":"","tlshash":"cec02b807f5102014e0486442735d940a71871414080880c41c8301090809bc178fc11","first_seen":"2026-03-01T05:41:07.314633Z","last_seen":"2026-03-01T05:41:07.314633Z","times_seen":1,"resource_available":false,"data":null}},"time_used":55,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":55,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:29.233Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMawCUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 41348\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:17:03 GMT\r\nexpires: Wed, 24 Feb 2027 20:17:03 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nage: 379406\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":41348,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 41348, version 1.0","md5":"1097956fa17313da073e6216a7ce860b","sha1":"205228bc618a378a36ef6200894c10aa1decda09","sha256":"7cb4281a0ccc84cc18617842c639fc66541cbef94a9dd245c754700210b4fcec","sha512":"d2f56f8ac5c1d6923329a6f731d4363682a336496eb70b7b097f463e49ab98ac2b647274a3ec20d7100a423be87544ac0695664ffe7fb7e75b4794aad9838bae","ssdeep":"768:TGU5B51vUw+tWqAGDH4WfomxkTXmXCoGCUjNjI6kBt8rx2rKCyrFAPkzFe:awBAbUqAPdT8v/Yj/UrKCWne","tlshash":"08030281e1301fcbd501e8b666bfb868ead51e5458e312b596f3c614c05b0eba35cfc1","first_seen":"2026-02-19T22:44:03.51646Z","last_seen":"2026-04-04T14:05:31.64557Z","times_seen":1674,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtag/js?id=G-JZZNGY93CC\u0026cx=c\u0026gtm=4e62p1h1\u0026is_td=1\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=2\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026mde=G-JZZNGY93CC;17_2;19_1;47_1;61_1\u0026tdc=G-JZZNGY93CC*G-JZZNGY93CC\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.339Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtag/js?id=G-JZZNGY93CC\u0026cx=c\u0026gtm=4e62p1h1\u0026is_td=1\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=2\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026mde=G-JZZNGY93CC;17_2;19_1;47_1;61_1\u0026tdc=G-JZZNGY93CC*G-JZZNGY93CC\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:46:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:46:0\r\nreport-to: {\"group\":\"ascnsrsgtc:46:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:46:0\"}],}\r\nserver: Google Tag Manager\r\ncontent-length: 0\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":39,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/510c96b3.d.m.B3GUEaEv.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/510c96b3.d.m.B3GUEaEv.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 87026\r\ntraceparent: 00-4efe479ebac790de0486c6f88483229a-52f91f0bced10abd-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-153f2\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":344042,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (37505)","md5":"6119d8704e7b249ebab9ea70435f918a","sha1":"6022432d505351227ad61ec8734c5a53196cb545","sha256":"4e3bf72f8745aba5d05b27f50c4af834972627433c823b4434ae580a46058c48","sha512":"74931ee1a4274d9b32c56f5de08a633cad18d04f2461f9d68512374e939266568b55a30751a1ba413a9a1331cfae8cd9e327697f5ec5b52043144cc74ec83059","ssdeep":"6144:9+bVwWKqWa4Eb6MxVibG+Va4oeEtv2z4W+ARwzb7t3aUmWA:9+hPKS4Eb6+QjVa44u4W+AyzHt3aUmp","tlshash":"19744c5872a27238e7fa50b9502b054173740f40341ae8f8f16dae6979a1c0dd7bbdbe","first_seen":"2026-02-26T15:36:50.765949Z","last_seen":"2026-03-01T05:41:07.315904Z","times_seen":4,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/6449d237.d.m.B76ytd41.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.598Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/6449d237.d.m.B76ytd41.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 915\r\ntraceparent: 00-64675356cc15fd74bfc94ce47158b7a9-2dae9c4c2994493e-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-393\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2571,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2520)","md5":"6bb8d55f4c09d7207c3f0610a33fc067","sha1":"00c9bfe2de5acbab74808e2a7379b5da6f0ae039","sha256":"0d591f7741d7485727ce57951a6642ac52988a43e9bece0f6f981fc8fe49ef7e","sha512":"e7ded559ffe65f34fcdeb1fea810574738d6d39b3d93c13e0fb95ec10127ffec03d951622ba9e63ad929e3e867944cba18988489d68ad726ecadedeab283995c","ssdeep":"","tlshash":"8c5130c035f17a61966b2af3c53f012bf57a1895fb0e5482b816edd97834032a35fd89","first_seen":"2026-02-26T15:36:50.604063Z","last_seen":"2026-03-01T05:41:07.316582Z","times_seen":4,"resource_available":true,"data":null}},"time_used":20,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":18,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/i18n/ru-kz/1772195507224.a0d24.js","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.185Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/i18n/ru-kz/1772195507224.a0d24.js HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/javascript\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncache-control: max-age=315360000, public\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":231740,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (48674), with no line terminators","md5":"f417a3b3e90cac4c43dd95d46fe3ab91","sha1":"ea70d8e68bda605a08bdf436a1482042948e9678","sha256":"ee926692ed999b1ea9aa0020e615d0caab5b84f679c435f9e1b8a5670ab1dfb5","sha512":"1a70ad5be79f70caf21363305668f7506ee0c0da399b51999a2a97707906be8345ccdd6d406ab75bde077cfca81e60b4bb9b389ef339ea772927c6f2b9cd8118","ssdeep":"6144:Vr9Znf/Bg8CB7CC6W2l6rQcwSUgtm1/OE/UrA9Ze6zK+ESefTC10s3SnL7qyxnH9:VhZnf/Bg8CB+C6W2l6McwSU2mlOE/26i","tlshash":"6c340f20d79ea5cb5144b41bf8046e0a7aba86ff3f6a535604b42c7e34f703c623d59a","first_seen":"2026-02-26T15:36:50.663754Z","last_seen":"2026-03-01T05:41:07.317295Z","times_seen":3,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":105,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1fca7f1.d.m.BZM33g_E.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.566Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/a1fca7f1.d.m.BZM33g_E.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 751\r\ntraceparent: 00-aa68f79c69e16a5760025dc6287723f8-e0a0857cd9b40210-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-2ef\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1926,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (1875)","md5":"ebde2d39f138a42baa20b276bfd63fae","sha1":"116843f5a885a77c9f2ba259e9e23d1fd045dc02","sha256":"35b26c3e85d5472fa3cb91ddcfa727d44b843b651bdc033fda887ae732e75317","sha512":"e81ee8c2932550539af19077a06bc6b2bfdfd46ffe171793b73efcedbd3d986482dc4537d266c629a665c6f15a2971294ab176c03b298147dd4d2fecac6882cb","ssdeep":"","tlshash":"a841ddcb738498329b57d9acae1f6f72287ff246451ac2a84158f1f015820ddc05af2d","first_seen":"2026-02-26T15:36:50.677605Z","last_seen":"2026-03-08T14:14:44.244184Z","times_seen":13,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pool.liftdsp.com/pixel?id=154038\u0026t=js\u0026sink_id=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\u0026\u0026timestamp=2026-03-01T05:40:31.149Z\u0026fire_id=1772343631149-c0a0ea76-6b10-4f63-992d-65ce78237fce","fqdn":"pool.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"35.206.140.87","port":443,"asn":15169,"as":"GOOGLE","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.741Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pool.liftdsp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Thu, 04 Sep 2025 00:00:00 GMT","end":"Sat, 03 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E9:D1:1F:8C:03:79:86:40:F2:82:80:03:91:2F:F5:D3:BE:9E:80:E6","sha256":"45:A8:F2:04:BC:98:4C:A8:E1:9A:B1:A0:3F:CF:0A:6A:43:2C:B4:D6:CC:5C:26:2E:59:FD:FC:B1:AE:AE:58:26"}}},"request":{"raw":"GET /pixel?id=154038\u0026t=js\u0026sink_id=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\u0026\u0026timestamp=2026-03-01T05:40:31.149Z\u0026fire_id=1772343631149-c0a0ea76-6b10-4f63-992d-65ce78237fce HTTP/1.1\r\nHost: pool.liftdsp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 302 Found\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-length: 0\r\ndate: Sun, 01 Mar 2026 05:40:32 GMT\r\nlocation: https://pool.liftdsp.com/ul_cb/pixel?id=154038\u0026t=js\u0026sink_id=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\u0026\u0026timestamp=2026-03-01T05:40:31.149Z\u0026fire_id=1772343631149-c0a0ea76-6b10-4f63-992d-65ce78237fce\r\nset-cookie: tuuid=572666fc-38e2-406c-913f-0a58fc9e1f05; path=/; expires=Mon, 01-Mar-2027 05:40:32 GMT\nc=1772343632; path=/; expires=Mon, 01-Mar-2027 05:40:32 GMT\ntuuid_lu=1772343632; path=/; expires=Mon, 01-Mar-2027 05:40:32 GMT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"302","status_text":"Found","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":980,"timings":{"blocked":475,"dns":303,"connect":30,"send":0,"wait":29,"receive":1,"ssl":139},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/images/typing-indicator-dots-light.5721bd84269f3292a306.webp","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:39.696Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /images/typing-indicator-dots-light.5721bd84269f3292a306.webp HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: image/webp\r\ncontent-length: 13034\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nlast-modified: Thu, 26 Feb 2026 18:55:32 GMT\r\nx-amz-server-side-encryption: AES256\r\nx-amz-version-id: Hm197qqmZMrE2_bcFaK2ZU7tV5acg6dG\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:23:08 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"b700720d35e89d819d57de437af03efd\"\r\nvary: accept-encoding, Origin\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 2d4ccfc38ee1229022124d55e34be376.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\ncross-origin-resource-policy: cross-origin\r\nage: 5685\r\nx-content-type-options: nosniff\r\nx-amz-cf-id: _3sJ5KfGlelEpQARoRVMr4gLKVNZeVwM4Y9hNOPwNJYaqd64fCPoWw==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":13034,"size_decoded":0,"mime_type":"image/webp","magic":"RIFF (little-endian) data, Web/P image","md5":"b700720d35e89d819d57de437af03efd","sha1":"7494ac76d2d990f18f996f62b6178f5157c166d1","sha256":"8282648c2bb0939b8d60499cc5720a7784697c07e9c9df3fedc7c17095826507","sha512":"70672f1200ffce46aae932af1c019d72d38b35f65d0f16f79c7b67907c2cb4a1664424656220479ba604146de3a56aef116828f7577f132703344446580d4bf8","ssdeep":"384:OC9X27RBsApMK2WfWNMs9PNSx2eUBbGGuQiD2ifu7:OC9iRSOMKnds9F1/jif4","tlshash":"5e42aed6f753b499e16318f64e92d0d02622169d24039f68a047f6f3998098dff0ef9c","first_seen":"2025-07-01T17:19:57.394659Z","last_seen":"2026-04-04T14:28:08.453284Z","times_seen":6571,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/faffda3d.d.m.n-3WgiQB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/faffda3d.d.m.n-3WgiQB.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 707304\r\ntraceparent: 00-7e51fda5abc92e826893d0fa014f4576-c790804e0d3342b3-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-acae8\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3821214,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (65140)","md5":"608182513cd2e849a4c477cf5e7e6a4e","sha1":"6480f38de445c1509bee5473db7d3d18f0c1ec53","sha256":"177e72ce0ffb0db871e5d557a6361e76c74281127219cde1f0fafe546beb8ec1","sha512":"2eb2f83a05475cee2def6b50523dfcbd4c39999f76e6fc6447ed566490f34af0497730cc3a5038b07228c13a31d154c899d0ddb90da1921b0d1fe4c3927704f2","ssdeep":"24576:PkJ+7nWRCTH6LAD+dUsqO9XTy28ojRLA7Dued5mxqYHs24Bb+SDZRVTzTOjE:8J+7nLTH6LAD+dUsqO9XTy28ojRLA7Dp","tlshash":"04255b5ab54d3576c3f30556a09a0440a63c0b95f12488c1e9fd8d3e2aded3493bbfae","first_seen":"2026-02-26T15:36:50.598602Z","last_seen":"2026-03-01T05:41:07.318801Z","times_seen":4,"resource_available":false,"data":null}},"time_used":40,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":31,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/launcher-discovery.d1875f8b.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:39.538Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /launcher-discovery.d1875f8b.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 2896\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Wed, 25 Feb 2026 22:34:01 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: 2GkzryLDfWhYMXyujee9rI732wQYoT2o\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:19:35 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"33270438cf9b36b8b8aa922f163a4801\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 4942\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: 1hPRBmJbzAlVPrir6JZTVnwaVmFHQYPPlH6yRACf48hdHrv9OBaOVg==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":9259,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (9259), with no line terminators","md5":"34aaa9da72969478ed8d2ea582525efd","sha1":"552d3333be48350da31b0a2388211df25528ec3f","sha256":"8af207004942b12e6b94a46e1aeff39c214abbd6a434e0ba9827fe1845462e64","sha512":"955b9ed806d80133f055296cb29905c9b9ac0f7c4fd798c2973fa8ca6f0be703cc1a9c22d830ea771029bde0bbd217dd7e50e30f72ee62ab6fb2ae31bad9e51d","ssdeep":"192:eTmN958T+0h/5TlUci3szx9OcR/uIVdWDteCvYxqL:ORFhjUci3cx9OcR/uIVdWDteCvYxqL","tlshash":"bc12c748f86ef42c92e353a482bf500d237d96a8d41a55fcb865d4e54ffd00c5623f2a","first_seen":"2026-02-18T11:49:54.344753Z","last_seen":"2026-03-23T07:42:40.202464Z","times_seen":522,"resource_available":true,"data":null}},"time_used":16,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":14,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/headline-matches?ctag=ru-KZ\u0026flags=reg,urlv2,orn2,mm2,rrc\u0026merged=true","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.771Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/headline-matches?ctag=ru-KZ\u0026flags=reg,urlv2,orn2,mm2,rrc\u0026merged=true HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117541,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (62691), with no line terminators","md5":"a3c31355bd543d577bf1a32d1cf6ccd5","sha1":"809b8dc2b05c3541efd28f4d446d5fa2e49c73d7","sha256":"1b853c311c48a2688d0a83fec44bc8deb7eaf4372cabf7a2166804ac227c7ebe","sha512":"23dc59a02851f72a54ac212a5ff21741a0876d4caef13ae620b993a4fb462e05afc22b117ec1475956678a8fdcabc4b2f0c3c8d8ed859851c0d75e7bd886ae2f","ssdeep":"3072:ZkxexcOlyh/Y/sO3oVREUnp/+W4/ozaSjjAkHyF:ZkxexcOlyh/Y/sO3oVREUnp/+W4/oza/","tlshash":"c1b3ef1863081dbdd7622899cd8b6fb619c4537fbfd8da42b6f8cac431b52ae112111f","first_seen":"2026-03-01T05:41:07.322695Z","last_seen":"2026-03-01T05:41:07.322695Z","times_seen":1,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/wa/collect","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.476Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-2/wa/collect HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nContent-Type: application/json\r\nX-App-Version: 6.131.3\r\nContent-Length: 41\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":41,"data":"{\"metricType\":\"GTM_READY\",\"value\":\"8197\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":65,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/td?id=G-JZZNGY93CC\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=1\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026frm=0\u0026rtg=90860847\u0026slo=42\u0026hlo=10\u0026lst=1\u0026pcid=90860847\u0026bt=0\u0026ct=3\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.732Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /td?id=G-JZZNGY93CC\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=1\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026frm=0\u0026rtg=90860847\u0026slo=42\u0026hlo=10\u0026lst=1\u0026pcid=90860847\u0026bt=0\u0026ct=3\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:46:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:46:0\r\nreport-to: {\"group\":\"ascnsrsgtc:46:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:46:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":31,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":31,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/wa/collect","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.226Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-2/wa/collect HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nContent-Type: application/json\r\nX-App-Version: 6.131.3\r\nContent-Length: 34\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":34,"data":"{\"metricType\":\"TTFB\",\"value\":\"85\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":68,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/13.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.883Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/13.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 26566\r\ntraceparent: 00-08f88e7c0561f6dba0702c666aa9c993-268d4f1a3b4faaad-01\r\nlast-modified: Thu, 10 Nov 2022 08:54:36 GMT\r\netag: \"67c6-5ed19ec3c5d5e\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":26566,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"1cbb2bad84b320f84bb156a22206b54c","sha1":"d13895756a75b9359de441d9bcc636c22737443c","sha256":"5fcba2366db4986d91bd6a617a6f21d9ac2331076b55e20c3672abcac091dda3","sha512":"48516499033ab95e8d7f6bd52092aea355c7394fc86fb27de4f5c8d2b7cb7e8571fe72928ee32fa31a948b7d8c600942d0c2e9735f2b577827c9c91f736a5da4","ssdeep":"768:zvY+LgP+fUfG017lm5Z0L8uA1qduTBtOrOHioe/TA6:8+8PTuk7yC2qUKToUTA6","tlshash":"cbc2e13344a7eb175729c22023fdb666eb890d82ad083d5d58756d7b3f59987c63000f","first_seen":"2025-07-09T00:32:09.378827Z","last_seen":"2026-03-01T05:41:07.323602Z","times_seen":5,"resource_available":false,"data":null}},"time_used":405,"timings":{"blocked":64,"dns":4,"connect":13,"send":0,"wait":271,"receive":1,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/robotocondensed/v31/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/robotocondensed/v31/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 51412\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 15:05:39 GMT\r\nexpires: Thu, 25 Feb 2027 15:05:39 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 10 Sep 2025 16:48:47 GMT\r\ncontent-type: font/woff2\r\nage: 311687\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":51412,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 51412, version 1.0","md5":"9e5e97447fcc00eca79e97de3b337831","sha1":"efafc4ef0f1ac7fefb6e22be4ea9c681a53d415a","sha256":"8d230115e58faa2ed303bee567b91d1a792e0c958a0118998b53648b2ab7c057","sha512":"ff66693e0a9dfcf51c16540c713de433c308e0b4afb31b48aab7fc7b46684e24494468826219fcd82e0cb26a40ec4addb8db741553e66e496d6cb1d7c9513055","ssdeep":"768:18/PyhTHe3I1xDq5OqDPcdn9jxYzJ2LEWPf4FPkEsSfR7vpNfyB4dnzoQub:rr1HAcnlxwJ2LJwFfHuyNub","tlshash":"ac3302a818f688a9d57e19446f2b0d908566123731a2037bcb524f8b12e96e332ddb77","first_seen":"2025-05-29T18:08:33.81349Z","last_seen":"2026-04-04T14:23:10.908923Z","times_seen":18867,"resource_available":false,"data":null}},"time_used":21,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":11,"receive":10,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/wa/collect","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.563Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-2/wa/collect HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nContent-Type: application/json\r\nX-App-Version: 6.131.3\r\nContent-Length: 41\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":41,"data":"{\"metricType\":\"GTM_READY\",\"value\":\"8274\"}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\nvary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"application/octet-stream","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":72,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/64da48c6.d.m._ybvxIKL.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.351Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/64da48c6.d.m._ybvxIKL.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 26294\r\ntraceparent: 00-35a161e13ad1126c12a42a44e88f2227-9e39a79974c6eacc-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-66b6\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":90109,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (55799)","md5":"4570f21bc689ef7948cd5e825dfc6b53","sha1":"e85a73f74a405f858ab181eee1d1355c2fc79c7d","sha256":"76cdccbcb5ae9183e9019eed34ede1cd017c6383a91a7359bf2842b62fa87cd1","sha512":"c33321ce454c7ee9d59a2d06e809f99c97f4a89ef2272770d9ceec35b9c6a75c7b484121fb12be60e534e6f651f4510cb3db213456b172246c6676cc5fcc48e7","ssdeep":"1536:vdmJ88SSSGwlF5m8/cha/wroeQnq8vrIOHmvDB3IcHiuAT+KAEheXb2WQtx:8JKSGLh/c4/wr/OnT+KdheXb2WQtx","tlshash":"ce933b9d36997439837b41bdd13b0801a32a0e85b41885d1f1fedeae1eda811d3b7e1d","first_seen":"2026-02-26T15:36:50.760318Z","last_seen":"2026-03-01T05:41:07.324736Z","times_seen":4,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/d1610888.d.m.BOZMQuK3.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.434Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/d1610888.d.m.BOZMQuK3.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 144923\r\ntraceparent: 00-2243bf1fc87344e5340f72493c47cbd1-70620296378e93b7-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-2361b\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":611025,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (33867)","md5":"20b93657e81f925235ab54b56d6c8b03","sha1":"6b72786a21dbd464c861b1f043e9c97ca2a8cd0b","sha256":"d59deed8f4df56066be0110a0331219a5c6bfe4077fbc097e50380432e3b3ec3","sha512":"8b7b4d4d0e042b1d52b998640d711609eba77269228ef2ed934fc4d4c9beb54e7330c55610e92509094bee83e1c2fa149b66c1afe7ffe4fdd2457d1800b1fda2","ssdeep":"12288:PHgzdDVx/MfP/045ZaCIwBZ4qWp67h7Y6Ud5bCzjd4yQYdwg/dv2LC5154Uy0:PHgRZx/Mfk45nIwBZ4qWp67h7Y6Ud5b6","tlshash":"76d46b997151343547b640ac806f050ab33a2a2e685dd8acf26df5ef29adc48317ff78","first_seen":"2026-02-26T15:36:50.637061Z","last_seen":"2026-03-01T05:41:07.325557Z","times_seen":5,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":38,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/prompt/v12/-W__XJnvUD7dzB2KYNod.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.210Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/prompt/v12/-W__XJnvUD7dzB2KYNod.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 17940\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:17:15 GMT\r\nexpires: Wed, 24 Feb 2027 20:17:15 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Thu, 28 Aug 2025 11:25:32 GMT\r\ncontent-type: font/woff2\r\nage: 379389\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":17940,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 17940, version 1.0","md5":"d00c3e51355e3bb01c063709fbab809f","sha1":"13dadc7c5b140de8748bc9203573b93931451126","sha256":"76f4b0e556e9bdcdcd9c839d20f5e3420a3ccca3f2d5da2f7beefb0e95a09bcb","sha512":"f25c89140713d8d0f135d05f658cc46473e1664376486271aef7239e01999fe9ef32ac5d839183c3c22026eb7a7bbd4d102f1beb0c531c80a80e25b04a580674","ssdeep":"384:nhLa3NqEycXKtdAqWvZH8VqnY62EwwlcES75nBCOmplNSkTkb:n4IEycXY5WllvvwvHnf4yQU","tlshash":"5782d1cd9304ce64b06b600e2b61b48463c72f77e938c77f5146cd35abda9574e112a5","first_seen":"2025-04-24T06:53:03.973679Z","last_seen":"2026-04-04T13:39:57.320782Z","times_seen":2964,"resource_available":false,"data":null}},"time_used":146,"timings":{"blocked":64,"dns":1,"connect":21,"send":0,"wait":11,"receive":2,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/17ff6b76.d.m.D2Kkw9n1.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.904Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/17ff6b76.d.m.D2Kkw9n1.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1102\r\ntraceparent: 00-17d7462257865b146e826b8bace12f65-bc2feb94c4268f13-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-44e\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":2372,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (2321)","md5":"eb83e258cad95b044c6b6cb1aa73ce48","sha1":"7b54058fa5cafa75dd09bba20e6aa00827c6e267","sha256":"f19e2f626213025c1e335d00018e03c59d8894f974c352fd5ee3a2aa56bedc5b","sha512":"32feb5c5462c41d04916425aa47e4ffb61a03f497411ca196bdc0f2c9cecc61acdff98ec67e506d36614a24d4d2e6806bc1f187088b45036c0e86ca2536968c5","ssdeep":"","tlshash":"8d4183b9b190e0384339c4ade47391d4ab3a5760b3b6c8e1d05e256d0ab8cc6c275ecb","first_seen":"2026-02-26T15:36:50.683783Z","last_seen":"2026-03-01T05:41:07.327008Z","times_seen":4,"resource_available":true,"data":null}},"time_used":69,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":69,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f927d477.d.m.D2OUHn8z.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.019Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/f927d477.d.m.D2OUHn8z.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 2295\r\ntraceparent: 00-e2a34589f1966464c6178e3d384b60e9-e214cebe5f1c0d0f-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-8f7\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":6067,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (6016)","md5":"7f280d99c0cf5954311d1cf8af8185da","sha1":"1a3a7096eabbd628a3dd645e4f276580adad4dae","sha256":"8de8232d730813112edfb364db069d06378a4a1dd2b83248734b082e9d80f872","sha512":"8a3ec8eb36fa8fa6d2e967b19637c9a74d181c0cc80107cd6b79c1a7ce81d85c96662c42a0f0ee7ab20b458fc7a3b0c8de2e782fa98cc33463db7e75d1a1a258","ssdeep":"96:k+Rw54EyJB5k1Ydu1JJGWJhTn4FljEWfKZBy4bdz7naTZ5ToFpjdYNEFErZAZquy:N24tJB4Ydu1PGW7r4FlVSyO9sToFpJan","tlshash":"d9c1d6a9338e76404277147d259e1085b07c6884644d182af5e8f87a3c65caa4fffefe","first_seen":"2026-02-26T15:36:50.749396Z","last_seen":"2026-03-31T00:45:46.275763Z","times_seen":17,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/ba8af1f8.d.m.VUq491aJ.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/ba8af1f8.d.m.VUq491aJ.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 38473\r\ntraceparent: 00-87495879e742d2ee2798e8d2a4053640-d7474ca5c31b610e-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-9649\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":130226,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30849)","md5":"763f5748cb8de1ff18f23bc4bf1ed472","sha1":"af677b45c05f46ed8e511b6ccf4858ec2de68ce1","sha256":"17a9dcd3dd8578dc751ee088728516ffa6c8535022462ab5029dd09d7052002c","sha512":"7a650f50e7f54ba94192525ba54c051a59135008b0b4ade793e6334836e8303371c84fa6045eeeb5cb11dd6eebabc06df07b1caba54ba0d42aea9d4f36fd2d8e","ssdeep":"3072:ULwZR9YYnU+3hyAIRGyBcl8oJBTEV3V5fRk:ULwZR9YYUIyAIRGacge","tlshash":"37d3e5c872e2f06283e22470002f440af27e6d69949cd494f6a9d4f53df995e8637f6e","first_seen":"2026-02-26T15:36:50.709985Z","last_seen":"2026-03-01T05:41:07.328394Z","times_seen":5,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/171e0e51.d.m.xz1lIgn4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/171e0e51.d.m.xz1lIgn4.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8789\r\ntraceparent: 00-52dc8289b30137c287a7c7b0cb002927-3db31cd3c7215a93-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-2255\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":28038,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (27987)","md5":"66ba9517997f2a1808479c60f4aae99e","sha1":"28dd521e26138cf99b52cf6e41b8dcdc43097377","sha256":"5c9cb9045751f00bbc0bbd5a6cb62242d151908524361cc058ec52e5c77b03cd","sha512":"ea1d6c00125267ea318a4b8a41d99d3a3d40d1077b23f14dffff69458014adcd3033cabfbdb0994c54dc012877504dee62eb647a90dcaeeecb667743ef49882a","ssdeep":"768:8y7QHHdKPVd3GcR602tiBBV8OmojgACvUWk/1WbFws5pSGf0lNu6ur2:MKPVhpEK8OmPAgwTu6G2","tlshash":"e3c23be66353e1b28b7b41ca50770182e21446e4f44884f0b9fe986e36ea892d356f3d","first_seen":"2026-02-26T15:36:50.638341Z","last_seen":"2026-03-01T05:41:07.329329Z","times_seen":4,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/mulish/v18/1Ptvg83HX_SGhgqk3wot.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.208Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/mulish/v18/1Ptvg83HX_SGhgqk3wot.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29968\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 04:22:54 GMT\r\nexpires: Fri, 26 Feb 2027 04:22:54 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Mon, 08 Sep 2025 18:00:40 GMT\r\ncontent-type: font/woff2\r\nage: 263850\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29968,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29968, version 1.0","md5":"50220d0057de0b9e5dc8b4fb36ee97a9","sha1":"4d0c1135f6767c3945e596c25abf69919ba4b646","sha256":"8d1d33d6beea5a722b8f336d79c61c07405949457e37b5e65454c72dc10aba1a","sha512":"e305c7df33c9c99a62adc9637eac538520d846fdafffa738095667c8eb5326519564899211099ae4f39b63fb6d62f9366553861f101d797063447a61be8d1df4","ssdeep":"384:u8H1OIFdhnzrgxPfQPhTI67jde+X+7LEF15v/+cVur4KlRNME5BSwkR42VrSebai:3VOargxCRdpOW73Q/NMEqw8XrS8Bz","tlshash":"f3d2f2784521eddf2ecff7167a43bd92208be67b88f9268d92c5601b21360342c1dde5","first_seen":"2025-09-09T02:39:13.146786Z","last_seen":"2026-04-04T15:12:59.537019Z","times_seen":5118,"resource_available":false,"data":null}},"time_used":300,"timings":{"blocked":152,"dns":0,"connect":0,"send":0,"wait":9,"receive":2,"ssl":137},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"nexus-websocket-a.intercom.io/pubsub/5-vOhbmrrfJIYP3AL63BX9mOPiNkmiqJBxzR5jo-rSkG9ZKeZWlu8gWkzJ1l_fu_9CdiVO1CCK3q6fQY32vN3jmWd7plGj8ZKcVJo-?X-Nexus-New-Client=true\u0026X-Nexus-Version=0.18.5\u0026user_role=visitor","fqdn":"nexus-websocket-a.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"18.97.36.66","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"nexus-websocket-a.intercom.io","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Mon, 08 Sep 2025 00:00:00 GMT","end":"Wed, 07 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"5B:20:11:79:9E:6F:58:15:2B:89:DD:5C:DE:80:08:89:D6:0E:18:4D","sha256":"B8:10:76:1A:37:66:06:C7:4D:AE:50:03:73:69:52:0C:37:BD:46:1C:EA:36:07:26:E8:3C:FF:FA:39:BA:CA:81"}}},"request":{"raw":"GET /pubsub/5-vOhbmrrfJIYP3AL63BX9mOPiNkmiqJBxzR5jo-rSkG9ZKeZWlu8gWkzJ1l_fu_9CdiVO1CCK3q6fQY32vN3jmWd7plGj8ZKcVJo-?X-Nexus-New-Client=true\u0026X-Nexus-Version=0.18.5\u0026user_role=visitor HTTP/1.1\r\nHost: nexus-websocket-a.intercom.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://leon75.bet\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: E7JPLlyskQvjV++z3YFF3g==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx\r\nDate: Sun, 01 Mar 2026 05:40:33 GMT\r\nConnection: upgrade\r\nUpgrade: websocket\r\nSec-WebSocket-Accept: xCRBObdF3AcvUwoxrX7giD6nEZQ=\r\nSec-WebSocket-Extensions: permessage-deflate; server_no_context_takeover; client_no_context_takeover\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":289,"timings":{"blocked":0,"dns":2,"connect":93,"send":0,"wait":92,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-iam.intercom.io/messenger/web/ping","fqdn":"api-iam.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"44.193.165.2","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercom.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 13 Nov 2025 00:00:00 GMT","end":"Fri, 11 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:7C:0F:4C:CC:B1:6F:45:04:99:4A:D4:CB:5C:0B:60:CA:75:CD:8E","sha256":"A6:51:D4:CB:51:4E:EF:B9:AD:B6:95:84:A1:3B:92:C1:BF:81:F5:22:36:A3:50:A2:8E:92:09:4A:15:D0:7E:CC"}}},"request":{"raw":"POST /messenger/web/ping HTTP/1.1\r\nHost: api-iam.intercom.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 836\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":836,"data":"app_id=cnjqphyx\u0026v=3\u0026g=13a802a20105f3a9ee604c01417792e909cb724e\u0026s=6b7c3a2d-ee52-466d-b317-4375efe5f92a\u0026r=\u0026platform=web\u0026installation_type=js-snippet\u0026installation_version=undefined\u0026Idempotency-Key=46bda729d42659f0\u0026internal=%7B%22marketo_tracking_cookie%22%3Anull%2C%22hubspot_tracking_cookie%22%3Anull%7D\u0026is_intersection_booted=false\u0026page_title=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026user_active_company_id=-1\u0026user_data=%7B%22anonymous_id%22%3A%2285381ab1-a36d-4721-b8a9-31da0a6aeb3e%22%7D\u0026source=apiBoot\u0026sampling=false\u0026referer=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026device_identifier=73ea108a-a9be-4949-8c19-bbffe60d1c88"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:33 GMT\r\ncontent-type: application/json; charset=utf-8\r\nstatus: 200 OK\r\nvary: Accept,Accept-Encoding\r\nx-intercom-version: 3a6278ee6fbdf3603b9aef0a30a40e5281af1419\r\naccess-control-expose-headers: x-request-id, x-runtime\r\ncontent-encoding: gzip\r\nx-request-id: 00120efuhnu02eltbml0\r\netag: W/\"9b916e64670c64574a8833dd3fa39981\"\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=0, private, must-revalidate\r\naccess-control-allow-origin: https://leon75.bet\r\nstrict-transport-security: max-age=31556952; includeSubDomains; preload\r\nreferrer-policy: strict-origin-when-cross-origin\r\naccess-control-max-age: 86400\r\nx-xss-protection: 1; mode=block\r\nx-request-queueing: 0\r\ntiming-allow-origin: *\r\naccess-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA, traceparent, X-Continue-Intercom-Trace\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nx-runtime: 0.153281\r\nx-content-type-options: nosniff\r\nserver: nginx\r\nx-ami-version: ami-05c78277a6b2db1be\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6710,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"4145d57de958311b60fb36c3a22feebf","sha1":"33e82b919cc5e8c75bf35474a611143620fd9a66","sha256":"9b916e64670c64574a8833dd3fa3998164c7f712771328886652748a9f0a6830","sha512":"357974776eccdc9bb4dc12574eac67d261cb49b7af5a22d50779a09fdc58114d870e9dffc590ce0837bf670d47f900db0cc88e3bdcfcb5a30b0f4ab9ff0b7d31","ssdeep":"96:4rHa7YOyaRvUal2JOHAIzlGjzK14zMwaLjGMlbjfZ9B1NAOU5zVfwHwhPD1M6+74:4rHa7YKRvUaZgaTxDB+lw+1M7GtX","tlshash":"dfd1898c89481c3e73cb82d6c7557e0a0bb942a7f2946d84f9b8cd2d21d7399527b307","first_seen":"2026-03-01T05:41:07.331286Z","last_seen":"2026-03-01T05:41:07.331286Z","times_seen":1,"resource_available":false,"data":null}},"time_used":250,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":250,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/71c69379.d.m.aWyPCXM4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.022Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/71c69379.d.m.aWyPCXM4.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1755\r\ntraceparent: 00-e76ee7e24329842b1c2dc637a3462e0c-d11b039ae847f536-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-6db\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":4658,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (4607)","md5":"ee2e29a72d0fce3890f8cb615f28478a","sha1":"534099a9a7020724e9c6dc3b775f27653b5cf773","sha256":"dda9ff0fbba426b2b4d72b6996e95809cf56b688149eddeec4b158c826de7232","sha512":"a2fb98bc167acb901287a2dcdbd89922a434a7589b2244e8d18bc2fd6e4c5f753f7959a753f53237905e270fc819c872ae6e470826fea000e442e43d83f09128","ssdeep":"96:KFdyU4MS/X0uGz1OtEIts0uGz1OlsUx/dwvuGz1/5MvQrPbMeqwKLPU:KFdyUS/U1QgU1ypDU164rJqw+8","tlshash":"d0a1e78d3c7e98709bef984fe1690c19de2d0fa215558e8194bf04b727bbc40d213827","first_seen":"2026-02-26T15:36:50.660594Z","last_seen":"2026-03-01T05:41:07.332624Z","times_seen":4,"resource_available":true,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.048Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:03:02 GMT\r\nexpires: Wed, 24 Feb 2027 20:03:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nage: 380244\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-04T14:12:40.664151Z","times_seen":3204,"resource_available":false,"data":null}},"time_used":14,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rubik/v31/iJWKBXyIfDnIV7nBrXyw1W3fxIk.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.403Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/rubik/v31/iJWKBXyIfDnIV7nBrXyw1W3fxIk.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 35348\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 21:20:07 GMT\r\nexpires: Thu, 25 Feb 2027 21:20:07 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:39:37 GMT\r\ncontent-type: font/woff2\r\nage: 289219\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":35348,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 35348, version 1.0","md5":"6e192bc03c1ec5b2ba6b1281ae4f4a71","sha1":"54dd8ad0f73f88eb7c28888d5582380a978f6571","sha256":"8fb387ef4c02189952d5644187a217863e71db410f9dfb3b0afd0ebc4447bec6","sha512":"412aec2aa07af44d4f5e889ddddb9af73b89cccb793aabbb1161583f3d13ff0adc2053edb329a039fa5bc7c9f5b4a69170365e3ad29cd95a8b81fe9997ae1f7d","ssdeep":"768:Dbm/Jw6U5CNNTG4IwnW0kpZ/NXBeh58pFpS0Lz6fihG4iW3lpsii3AYNb:umF5CN5GVwnONBV20Lz6fihGs33siiQk","tlshash":"97f2f1817ff58f13286ab078b5bf8f5b4778a348509674af92c3e7b48c851c85f12891","first_seen":"2025-06-02T19:11:03.283598Z","last_seen":"2026-04-04T14:56:09.834603Z","times_seen":22481,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":9,"receive":5,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/app.I75bNnF2.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:22.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/app.I75bNnF2.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 848\r\ntraceparent: 00-c7a44b51e4769496d313dfd3c41fb1a8-36993e54d08fb42f-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-350\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1322)","md5":"d32cfc7907bb6d80b5be77d6ad2f8fc5","sha1":"f11dd0cf92ba1d613b98c2190a1df162e5ed4723","sha256":"2fec357092d77027493d3795234ad9618f368821e39a41ba883057a95f0f31ed","sha512":"4464fdedd9a590eae63de5d59b261c567e566b6528a6a8f671054689cce0f81260148e288970629d04421da86af7479bf97f7cc9d4b90f6f4ce4c8b1968acd28","ssdeep":"","tlshash":"67316609639295354aa514fd815f3721b3119fa1317dc6e1e0bc7c6a3db1813ca2bfe2","first_seen":"2026-02-26T15:36:50.75582Z","last_seen":"2026-03-01T05:41:07.333776Z","times_seen":4,"resource_available":true,"data":null}},"time_used":173,"timings":{"blocked":77,"dns":30,"connect":7,"send":0,"wait":9,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/SiGMA-Awards-Europe-Negative-22.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/SiGMA-Awards-Europe-Negative-22.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 124642\r\ntraceparent: 00-e5050053ed67f8e7a59928eb091325c5-2a1c6cea427e09fc-01\r\nlast-modified: Wed, 29 Nov 2023 14:12:27 GMT\r\netag: \"1e6e2-60b4b1ff8446e\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":124642,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"065691d045bfc538dbfde5499a6d2674","sha1":"6cd30a84f1eaadf7e5dfc0b63b4767fd30a8df50","sha256":"c38f15c7b168fd96961ea9673f5ab93f5e1eeac70ba805e27369f5d1febbb285","sha512":"8fa87b3aa5f20681301f0e4ceadc73e7e7bee3a280af44c602419ab274f38248235df2887d214ec0cf9e23fe6389f2ea91477781620cb459369a78fed086a507","ssdeep":"1536:9g1mplOk3XLELTLyO/aCBNZsv/7GHLIe6Ej:Re64","tlshash":"36c3835bf3f9e6f6e109d3a8c6818430322a1af37d91c6a443f5af5edd1404e1c6da92","first_seen":"2023-12-10T15:49:17Z","last_seen":"2026-03-29T15:19:13.489458Z","times_seen":107,"resource_available":false,"data":null}},"time_used":414,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":304,"receive":62,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/a1c6617b.d.m.BPk3a0gK.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/a1c6617b.d.m.BPk3a0gK.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 30148\r\ntraceparent: 00-d004a3c99832f27ca9dbdca4a261751d-a7e9b073853781c4-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-75c4\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":122316,"size_decoded":0,"mime_type":"application/javascript","magic":"Unicode text, UTF-8 text, with very long lines (35971)","md5":"f8d82ccda059c352ab446facf8976938","sha1":"2722dd4477620b944a2bed7ce8d3f4ae27663da1","sha256":"98873f3be20f37c6aaf013c0653526805a25c8e267ae03a9ae2e859e9934efb0","sha512":"da7a4731b31ec3a1663f47ed73f32e394ea3c2f9cfd383d4b729f7d02ec1c588be9571ab94576ae7df9f83759d49f5aabb60d60853e334d7048ff4a0ea683451","ssdeep":"3072:z0NfKGJvEvGdrSaV67dmcgUxHtA8WAUA4Ic/5/WLODYoCIDIinUVDAlwn3Qd5f9c:zqfKGJvEvGdrSaV67dmcgUxHtAFAUA48","tlshash":"1fc33a89bd41607ac7674ece827a1800732d1f92e1598891f17b8fff257a8149377b2e","first_seen":"2026-02-26T15:36:50.808846Z","last_seen":"2026-03-01T05:41:07.335495Z","times_seen":4,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/017fc061.d.m.6jXZaT8y.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.578Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/017fc061.d.m.6jXZaT8y.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 11560\r\ntraceparent: 00-4e2218c3d114ab5253286c9f838f6d59-ef49464d049bf575-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-2d28\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":41130,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (41079)","md5":"7473a31f3263453185cf557250b29f38","sha1":"6a2e1eedc05dfb2ac61a4abd81de3e6f5a2c9ca2","sha256":"103b46bfd5001eac175c1419c8f8d2aaf9b5a44ab3d596c54ca14a8a57c0435d","sha512":"df3f21abd0ab7e701f43cf7aeb68cc4eaa3f45f6d3e5c560cbe8f6f21dff2c0bd167e5483b5d27d9d4300a2ba23c5b1b13401db2f28eca788b89cf3e0254b1f4","ssdeep":"768:I61/QVoeEHTg+ZgrhbGeLJ880mec4R40wNNBLJrlB83prxApCp/UwBDneQDvpy/Y:nzmp7QA/BPWUY","tlshash":"c903fa8877f3b52757d744ea50371003f6298a08784e8068f26cd9df7e9680696bbf39","first_seen":"2026-02-26T15:36:50.671476Z","last_seen":"2026-03-08T14:14:44.19034Z","times_seen":13,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~app~tooltips.7381dcf2.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:38.985Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /vendors~app~tooltips.7381dcf2.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 194215\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Fri, 27 Feb 2026 19:59:47 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: SDySgVZo2nTpdSNQiRDiuGjnmSsU__ta\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:47:26 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"5b80ea45f15433a0f5701add51ad0f37\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 3193\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: ORw9IlYWwnInHCinSIEyICQlAxLW2zlii7Qtp1fKXxURHnJ_dJfRrA==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":894194,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"data","md5":"b72c10a54df7bc806b735606c9d874dc","sha1":"8a8983560680af8d1208e809ac7b440f6c41a1d4","sha256":"0796ab1c59cb6719777840b67477b8fc8e5573a1777a6417cc29df875024e444","sha512":"2c76cb615c7f187327137f6568330928390e92eada7ca074c240dc9a39bc0f55f1e4e84b8d38aa45ae2c2ea27ab21df4ce5ed5f5a7951d5989287999e84bd760","ssdeep":"6144:sp02n1qyKHtLp0rn1qyEuScl4tXWgFDAIXOfErq1POdoIgPXsBTa6MZ1u3wwoxzE:P9jtn6SdoIgPXsBTa6Ml1a","tlshash":"3515932095a879ed63cf7186908f986e2d7c01338285ee647dd84bd727261b63433f6e","first_seen":"2026-03-01T05:41:07.336942Z","last_seen":"2026-03-01T05:41:07.336942Z","times_seen":1,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":42,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:29.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/headline-matches/changes?ctag=ru-KZ\u0026allVtag=9c2cd386-31e1-4ce9-a140-28e9b63a9300\u0026flags=reg,urlv2,orn2,mm2,rrc HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:29 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117067,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"5364a9bbbb66ff6a8dfd563104796a08","sha1":"02eb8aae239d906734a42a26bdcdcac5fbc4cfd7","sha256":"937751293c35940b2767445c32b459883609dade40ce7c7708be78f4f908e959","sha512":"ab73c44fcb0abd14797c64e17de8738747bbf39796f7df1d85117f2e82942ff1def49f5670685fe920ceb32da9aca7bbd2880f0b30f9860dca77d897f7a2920d","ssdeep":"3072:WkCexcOlyh/Y/sO3oVREUnp/+W4tkznXFvJXeyF:WkCexcOlyh/Y/sO3oVREUnp/+W4tkznV","tlshash":"71c3021863080dbdd7622899dd876bf209d4d37fafdcde42a6e8cbc435b53aa112111b","first_seen":"2026-03-01T05:41:07.338059Z","last_seen":"2026-03-01T05:41:07.338059Z","times_seen":1,"resource_available":false,"data":null}},"time_used":78,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/39f0c6ef.d.m.DaRSwqWO.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/39f0c6ef.d.m.DaRSwqWO.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 28921\r\ntraceparent: 00-b1f98c46a86029a42c2bbd0e047ca28b-d25972e4a641cc57-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-70f9\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":78918,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"4a8616c9bd90acd3fad8ea3b3930dde8","sha1":"10877f5f344cf78c144022ade2d6bb221bcf0456","sha256":"54c3636be6e332f6624b39036d80f9d0f7999389908a4583c00cfed5df8498dd","sha512":"ca9cb8d06e80da5422ceb73a81367300f6848fef9c68e3c995d251a0e31f5c558f4d5ea97da1c2810ee68ff9f1a8bc107c26518ae2bf4903b49509f9a1e04209","ssdeep":"1536:7fpN8uD6NeoG0aWr9dn/BN/r/9cZPK1wlUEk7c8hbS0NHa6HYwnOI:zGmWr9dL6ZPK1oUVc8hbS0N664XI","tlshash":"b17329f933a2b57393ee11e6407b0406f3ae68da284d045cb195e9df3a7445840ebfb9","first_seen":"2026-02-26T15:36:50.781567Z","last_seen":"2026-03-01T05:41:07.33914Z","times_seen":5,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3KUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 29392\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 00:02:23 GMT\r\nexpires: Fri, 26 Feb 2027 00:02:23 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:43 GMT\r\ncontent-type: font/woff2\r\nage: 279483\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":29392,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 29392, version 1.0","md5":"a6323dda0842401b2923554d0ed8945f","sha1":"6a5e89b2f9b47f5a2fb11831479c02b4eebe3089","sha256":"cedb374b05a35034cf96db185db4eeb8f8ce49e1a56197673702ff11b5533d6e","sha512":"6fe8df13c6dbc738b1cfd40c14bda19dca6114b3a4f521ff46fa7ebe25f6ce11046b7d41c1a8528d2294afea5a1c985ff43db37a2de028c1fb61b7197210dac1","ssdeep":"384:Wz9Te6aaq6lpCaascbVjmWd8NifWrHJi9grlYlMl1EfUxFvskjZAFWiMhv4K6Nb2:u9jN2bVjmWQFqgskSWiVK6NbKd","tlshash":"65d2f15cb579c636a098e4b70df5e3bf9599cb39224b9b288341c0385aa3941e442b97","first_seen":"2026-02-19T22:46:38.271285Z","last_seen":"2026-04-04T14:38:08.755375Z","times_seen":3146,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendor.50747ce4.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /vendor.50747ce4.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 159226\r\nlast-modified: Fri, 27 Feb 2026 19:59:46 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: Z70Kehv081IQu6xybJ5FLYPEOoYRCQio\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 05:04:19 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"9264519b6c6fe37b335892079c4657b5\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 a89672c5bed576aaabefe419c0d5bad2.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: d9Wq1veNQclmtIYFUsqf9BBN2l-nh3YZ2PTxw6BLJifUIxwiQWef8A==\r\nage: 2172\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\ncross-origin-resource-policy: cross-origin\r\naccess-control-allow-origin: *\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":519396,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65463)","md5":"5ab510430734bf0eb7f416a75d470eb6","sha1":"f4e17dbe6b3da8182919d17f5125a64ceeff5b35","sha256":"551045f351338a32ba76ada3140ea011c6dd201761285f2a765b7386fd5789f1","sha512":"3367fb7df279b6d9912870d7724d119651e9348c31175eb46bc4f09d6baf09962b76976711b752a010b1263a65a24417faccf05ad6e0747467bae400ae9e218d","ssdeep":"6144:pv6LzOcnDn6/01m3aLpqrOEG7I03kic/CBXttCXrJhOo7ifE:t6LzOgoaLGF1nCBXttCbB","tlshash":"55b418dd7591b4a207f312f2407f180bb379296a284c4460f664e8dd78f994da23bf6e","first_seen":"2026-02-13T14:59:23.726375Z","last_seen":"2026-03-04T15:07:43.896905Z","times_seen":1936,"resource_available":true,"data":null}},"time_used":134,"timings":{"blocked":43,"dns":12,"connect":8,"send":0,"wait":41,"receive":5,"ssl":18},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/036a973d.d.m.DDj01hZ8.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.437Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/036a973d.d.m.DDj01hZ8.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 81440\r\ntraceparent: 00-2e8ccb22def558856d958f72fb92d375-3f4ccf7f2abfcd08-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-13e20\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":285362,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (30460)","md5":"5a56e623158dbfcf5853375bd8308664","sha1":"547e1dff805f86167550b015cc623b60116612d1","sha256":"9501eede310c3d02294cb1481653d19be86207e5e18667ee7859562cee0b95d8","sha512":"3ddb81be33c8de942b8b8397cb626dd6d38f13f66d703a7c5998c9a83d6cacbebf60f3b8d6a81658197aca43ac13f05d52b14a69d984ca9c2e1bd3d6cd9758ed","ssdeep":"3072:glPCf2+Xb0xeLKOBlv4LyFMME3VF99l/yAj6CUVZ0XjGU2/i:glq90wL7BlDFHuF9T9j6CUVkjF2/i","tlshash":"905419d931d6713353e60aa590bb0102f7355a90344e81a8f52cd9ef3dba44aa2b7f3d","first_seen":"2026-02-26T15:36:50.681992Z","last_seen":"2026-03-08T14:14:44.155141Z","times_seen":13,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":42,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/fd767157.d.m.CANN4s_5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.456Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/fd767157.d.m.CANN4s_5.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 10196\r\ntraceparent: 00-9bdb819b8b31cce1be44b1cdbaa35cfb-57adc3d0b4035fdb-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-27d4\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":36532,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (19172)","md5":"5627e8349b7a7b0f754c7e852ce249f1","sha1":"b23c9d3ceea82aacf039e25bcec471c885bfc881","sha256":"5498d78c07fb2b49ccd247c3e074030acf86ff12e32bce7a8f0326bea1b698f3","sha512":"ca77e653c0b37fec263b14aa23dc96bcd5ba602f6443b6f3ed6734307943aba6f61bd3b3789827b93136658cb973292db0d6781828179e0be750e8aad259714c","ssdeep":"384:6AuOqKfvmAmiq7bWXgWE20ASWe4bNuKOJkmB0vufoXoGmGFjO5Ath0e4iXW1dGkn:6BEvmAmh7bwHU8Xgn0GWoPGFjDzaJ3","tlshash":"55f281c472d9f5e14393aa74803f910bf23a7c71145ca154e322eae57cb865a91b3f3a","first_seen":"2026-02-26T15:36:50.70844Z","last_seen":"2026-03-08T14:14:44.165706Z","times_seen":13,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":41,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/5-11.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.871Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/5-11.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 3232\r\ntraceparent: 00-85b31d5423483cfc014a511acd3304ae-3bbc092e2c21beec-01\r\nlast-modified: Thu, 10 Nov 2022 08:53:26 GMT\r\netag: \"ca0-5ed19e80db7db\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3232,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"c3486ca9ba91b7e03578b765b3bf0fed","sha1":"44416ac852c051de15458027bb4c91790f23e57d","sha256":"d4912656aa1107cd6534589d13fd1efb042d2080ffbc4b073521534e32f08fbd","sha512":"2b753956e4a6eb441c2e03c71dac79d8bff640b050ae9cfcdacf52ecbe4012ddae8a5168bf1f00b777704f004b8320a66e3062e247eabc1a2ca0118d94e9c9e4","ssdeep":"","tlshash":"5461fad9232846aae44072e9cf52a4dc290eeef483c54475cb422f1670a50d51f329eb","first_seen":"2025-07-09T00:32:09.362506Z","last_seen":"2026-03-01T05:41:07.342118Z","times_seen":6,"resource_available":false,"data":null}},"time_used":349,"timings":{"blocked":71,"dns":0,"connect":8,"send":0,"wait":215,"receive":1,"ssl":45},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:36.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"253ddb7a-cc74-4966-8abd-546e5ebec56f\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:36 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2852,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"729be0288bda430daa08143fc740e318","sha1":"78117730c4e72120c93f22ed2ed9c71e9df0a80e","sha256":"c33951c372d69bfd27d474d7ad7b8f1e5ba7189358ca94fdde534c2a33502c8b","sha512":"2d18036baf61a149d287f3cd31617469d8c016c4eb54dd6896a344e6a3eaef4a75a09ede1222d336cab0ff33433ed83a0819e5a10cbd1b1e4e2f1a40e15afca2","ssdeep":"","tlshash":"2c51769b079c1c7ed30a11ca78bf3965284e2427a2c5ef5861da4f7831f4e7b413205d","first_seen":"2026-03-01T05:41:07.342592Z","last_seen":"2026-03-01T05:41:07.342592Z","times_seen":1,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/faffda3d.DFhj2As1.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.209Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/faffda3d.DFhj2As1.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 129302\r\ntraceparent: 00-37bc57942c39e5e3575c3f40151d9d32-a2aab8c4a1599930-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-1f916\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1057223,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"a3d5ab5b3490db470f8580a0a498e8c0","sha1":"aeeabbcd7df89aaeb37cdc67241e884a4f56b522","sha256":"dc13c2fbcdf11fdb9c98b5b947b9e16bee4a20cbd8b65d364bc2f93df11a7837","sha512":"78e292e1c13c8dc263997cc82cd274da55f171321098d10f9e9e9d65c4bdce9e583d19c766cbda5494c9074d60535ae9e345d2f9b18de207dd28d0c5c8d65071","ssdeep":"24576:kpQY7t35lPJB3VHpLU+QfZqMX6NgsTdTkwR8ZjJZbPBBy3eI/cGRrg0pFkRofCIm:kpQY7t35lPJB3VHpLU+WZqMX6NgsTdTQ","tlshash":"4425d9bb5d60b23ef6b7b52ee1e5ba4d7118dc03cc63469ad4b1962cc1c77925322b08","first_seen":"2026-02-26T15:36:50.769303Z","last_seen":"2026-03-01T05:41:07.343408Z","times_seen":4,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":6,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/71c69379.Df-RY1xq.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.891Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/71c69379.Df-RY1xq.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: text/css\r\ncontent-length: 105\r\ntraceparent: 00-0dee8fd594665fbce6905ad2f945ac38-0d4c3d412d9ada31-01\r\nlast-modified: Mon, 16 Feb 2026 10:20:06 GMT\r\netag: \"6992ef56-69\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 927621\r\ncache: HIT\r\nx-cached-since: 2026-02-18T12:00:03+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":219,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"3423d7cc3aa7ac44d033e2e4be0b00d4","sha1":"a4d591bc0446811187b44bbc1b41c07a7f48f232","sha256":"152add0de253a858678d73d9988ee6214da2dc169ad58e26e2f95e472b50fed6","sha512":"65c19ef7f61a6266e6f34255b873f9d0d88f42971a124787b263063acf53f4c0759f3b40a563d4aaeeee269edf833b3921dea4e9b2fa89f82423aacd6cd8f2e9","ssdeep":"","tlshash":"87d0a7568df1d6336cd0590bb3444a8c30c29c0b85175b04c49a140cf4b359b3202384","first_seen":"2025-04-24T07:07:12.797229Z","last_seen":"2026-03-31T00:45:46.183155Z","times_seen":113,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":2,"dns":0,"connect":0,"send":0,"wait":11,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d1cr9zxt7u0sgu.cloudfront.net/shdfp.js?SITE_ID=5a0ef96fd84066141eb932d11ca5b39bb17a78cb\u0026TYPE=JS\u0026DE=1\u0026AUTO=0","fqdn":"d1cr9zxt7u0sgu.cloudfront.net","domain":"d1cr9zxt7u0sgu.cloudfront.net","tld":"cloudfront.net"},"ip":{"addr":"3.164.247.189","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.221Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.cloudfront.net","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M01","organization":"Amazon"},"validity":{"start":"Mon, 05 May 2025 00:00:00 GMT","end":"Thu, 23 Apr 2026 23:59:59 GMT"},"fingerprint":{"sha1":"8F:00:F1:34:A7:1E:27:1C:CF:CD:A6:53:8B:C4:82:B0:68:BC:C8:72","sha256":"60:38:9D:24:9E:41:8F:23:AC:D9:14:5C:A3:47:7E:AF:07:DB:9F:2D:6A:8C:0D:08:E9:24:8A:8E:49:A9:4D:28"}}},"request":{"raw":"GET /shdfp.js?SITE_ID=5a0ef96fd84066141eb932d11ca5b39bb17a78cb\u0026TYPE=JS\u0026DE=1\u0026AUTO=0 HTTP/1.1\r\nHost: d1cr9zxt7u0sgu.cloudfront.net\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript\r\ncontent-encoding: gzip\r\nserver: nginx/1.14.2\r\nlast-modified: Fri, 19 Sep 2025 13:00:04 GMT\r\ndate: Sun, 01 Mar 2026 05:40:20 GMT\r\netag: W/\"68cd53d4-2c9b0\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 fb60bb37778839b51bfea3a34907efd0.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nx-amz-cf-id: qNVgag-wjRjMt0UPb3EGhuVj51oDEOeZe94vtvxsJKBXYoW9n_lvcg==\r\nage: 7\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.14.2","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":182704,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators","md5":"0b91077d0eea71289900b82439e0f098","sha1":"d129f02ebf9f0579e6ae7d0193c31b72bf9a3a8b","sha256":"19671cd169b8256b899b4406963bb6e47e81534c9bb9841ff21cc7a3417f5c7b","sha512":"4761bed806fd413c1347deb991fbc8c872a39326dfef7c1acda30472f5e7cc3f1733e75f69890128e3e24d4af8ed7239ae58a5ffab44c2587990f12bbb0025c8","ssdeep":"3072:qEzujzd82s/OnqHKc/yHT6ERokLBa4wWnkxcxtujMDmdk4LHBseQztbtHdGTHSWH:qEzujBhjTa4RkxcxUjAmdk8QtbmTHS4","tlshash":"0904c5507bc0694963875f7b762bf5d4e45a0e7e3c844d8bc148bc58ab66223fbe0a31","first_seen":"2025-09-23T18:58:11.287136Z","last_seen":"2026-04-02T09:36:05.663821Z","times_seen":79,"resource_available":true,"data":null}},"time_used":68,"timings":{"blocked":21,"dns":12,"connect":8,"send":0,"wait":10,"receive":0,"ssl":14},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~app.c3a12efc.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:38.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /vendors~app.c3a12efc.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 117025\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Thu, 26 Feb 2026 13:23:55 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: LjGoXeLeXdNR.UIbLGhjsj.nAS0B9dbE\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:08:22 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"51a4ffe688ed35668ee8f6e063486f1a\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 5537\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: dacr-QGrrywXZAnu8FDUR9_47UEwRr8fBYauMt5wsWdW9YiHtj8f6Q==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":566393,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"279799a16941055b394bac4c7ab17a1d","sha1":"f286943e94a4673685d18469356ca8763ce54223","sha256":"2c70ca80aec82316eb61dbed39b3f765db05b53ffbb7b4d908de25948cb6cdaa","sha512":"206a0344038bdc9198477e3a9f6a74d99ddb9764049dad874554a61959c99398def943416605ba1f0fd9df930581f7ed161480f407c13e6aefb8ea8ad7abebbf","ssdeep":"6144:nxY9lstwDG7qD/v+W/BxbjKuOOc+1o/ibMZyWowsQgaH3nWSL8/w:nS2wDd/BxbuuOJ+1o/ibMZyfws63WSmw","tlshash":"b8c419c5b6e1f4b24b9750e2543b1007f33a4d5c206d90a4b368d5dbb8ec58e62b6b3e","first_seen":"2026-01-19T13:06:26.444508Z","last_seen":"2026-03-18T08:48:13.838954Z","times_seen":2025,"resource_available":true,"data":null}},"time_used":39,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":26,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/a1c6617b.ClqBDYIE.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.186Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/a1c6617b.ClqBDYIE.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 9306\r\ntraceparent: 00-15cc0b341b08811cb0b350c3b4abfac7-95768f1aa4671a37-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-245a\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":78033,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (65536), with no line terminators","md5":"1a059bf54377f5915efc4549003f2ae0","sha1":"88f5e67e35a9656daafbdd3d428ceda570e8899f","sha256":"9867c988850065d4ea99f577e89cabb73117afd841eb26be1272e267529c6bcb","sha512":"33b2c3856bdb5eddc11eef4f64651ab8162ff464dba3f81c27c293ac39231975d86d018e9293dae6dbc6d4744b5bd111d1778d33cf1ed97e5defb64249af4aaa","ssdeep":"1536:YBlS6q6LnH7uQzI4JLcagMcgPjP7M10bVMby2cekOKywXwfOIl6V6duEerdA5wu9:YBlS6q6LnH7uQzI4JLcagBgPjP7M10bS","tlshash":"267344aecd50a77bf663acedc3e6ba48734e6c038c921936d5b212bc42e6251d355f01","first_seen":"2026-02-26T15:36:50.729018Z","last_seen":"2026-03-01T05:41:07.345373Z","times_seen":5,"resource_available":false,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/vite-plugin-import-retry.dca3f5.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:22.770Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/vite-plugin-import-retry.dca3f5.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1187\r\ntraceparent: 00-068e1c7054593256eb224c6fa8b60c16-1b95ccf9914e7bb3-01\r\nlast-modified: Mon, 16 Feb 2026 10:20:06 GMT\r\netag: \"6992ef56-4a3\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 927626\r\ncache: HIT\r\nx-cached-since: 2026-02-18T11:59:56+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3484,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3484), with no line terminators","md5":"ff04ff64f41edcfe0a5706200f38f11e","sha1":"77e4fd5c51c8f69f421918cd91c20358747dd473","sha256":"dca3f558d8b551db233a488f512c5180ee9db08c320ce1c1492ec74160f5a5cc","sha512":"18b1313067f46bdefed5d478c9a35c83b90285b11bb53056aed6d988335c36f2eb4a6062aad119e94257bf3502eed86fe13e933eef062db8aaa21d595e966cef","ssdeep":"","tlshash":"de7142d93ac3b56c63737479803f5446bb6a2810f2884d61d9acd3d27d2ae46c227df0","first_seen":"2025-02-07T04:57:00.571763Z","last_seen":"2026-03-31T00:45:46.186865Z","times_seen":157,"resource_available":true,"data":null}},"time_used":182,"timings":{"blocked":82,"dns":32,"connect":8,"send":0,"wait":9,"receive":1,"ssl":44},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.188Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-qtag: a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nContent-Length: 830\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":830,"data":"[{\"id\":\"87f0394e-dcc9-44e9-81e1-60f0eb2cb35e\",\"qKey\":\"93dd9da9-132\",\"operationName\":\"getCookie\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"4718259a-9647-4bd2-88de-b5d892a09ce1\",\"qKey\":\"790886e7-467\",\"operationName\":\"getRootSettingsInternational\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"a976fb31-0364-4f8d-acd5-d89d8e156768\",\"qKey\":\"b120a8be-122\",\"operationName\":\"getApiSettings\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"bc7c63fb-1dab-4368-9c3d-1de0facb9054\",\"qKey\":\"d8b49f93-16377\",\"operationName\":\"getSiteConfigSettings\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"fa591f41-8129-4061-9475-daa7fe888243\",\"qKey\":\"f9753f3f-92\",\"operationName\":\"getRoutingConfigs\",\"variables\":{\"options\":{\"ts\":0}}},{\"id\":\"3c5eed31-14db-408b-a8a2-adfe81428107\",\"qKey\":\"c2e6684f-112\",\"operationName\":\"getNavigationConfig\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\nset-cookie: ABTestSeed=70; Max-Age=315360000; Expires=Wed, 27 Feb 2036 05:40:24 GMT; Path=/; Secure; HttpOnly; SameSite=Lax\nqtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; Max-Age=2592000; Expires=Tue, 31 Mar 2026 05:40:24 GMT; Path=/; Secure; HttpOnly; SameSite=Lax\nqtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; Max-Age=2592000; Expires=Tue, 31 Mar 2026 05:40:24 GMT; Path=/; Secure; HttpOnly; SameSite=Lax\nreftag=; Max-Age=0; Expires=Thu, 01 Jan 1970 00:00:10 GMT; Path=/; Secure; HttpOnly; SameSite=Lax\nipfrom=91.90.42.154; Max-Age=31536000; Expires=Mon, 01 Mar 2027 05:40:24 GMT; Path=/; Secure; HttpOnly; SameSite=Lax\nx-app-language=ru_KZ; Max-Age=2147483647; Expires=Fri, 19 Mar 2094 08:54:31 GMT; Path=/; Secure; HttpOnly; SameSite=None\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":155845,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"Unicode text, UTF-8 text, with very long lines (61505), with no line terminators","md5":"56495cbfc1ed7898113f5c72184e2f38","sha1":"0705293be9cf4dd5f226751eb0ce53bfc110ac33","sha256":"5fec93bbb0dc21a58fe209577e314edfb14ac2f7d99cb9dbd499ac39c6c4f812","sha512":"61577c914972d87596e8f2e02c86aa58d0e5c883f38bd35bfe37411806ceaf7d4208755df1d55e1a55e10fb09ee603e2822980db3aab20c5d034f1034e84a803","ssdeep":"3072:ESSQ02J080Qwu0804wpkgq9Q70Ly9uzZxA52f62gvmxKvWT2/gZs5tktK7WiAPGB:ES0kgz0Ly9uzZxA52f62gvmxKvWT2/gy","tlshash":"d1e3d835721cecafc043984aeb3e3e37146d907e36cb7988985c9d6da0fb1b4913165a","first_seen":"2026-03-01T05:41:07.346606Z","last_seen":"2026-03-01T05:41:07.346606Z","times_seen":1,"resource_available":false,"data":null}},"time_used":143,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":143,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/c7016086.d.m.B95bN3MA.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.412Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/c7016086.d.m.B95bN3MA.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 6104\r\ntraceparent: 00-7a6fb34b993fb8b2cd5d86e5905b1034-04355893aa112703-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-17d8\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":16135,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (16084)","md5":"952a970e6cb65c7f5f81ffbe2e407c37","sha1":"010df53790d74f09f12a84d1c544c0b4377d464a","sha256":"6d3c933ffe12068ff6f4afa5ec3d44cb9829f662005ef9ac6d40ef2127df9bb7","sha512":"4bc0253824499de28ad4cc866350902ef238a9d8d3ec4c579186db26831882481114208050a49caea3e633b6553f3c14621a2490d0e5006b6529440df346847b","ssdeep":"384:dxtL7YoplhKdhsOT3NqWEBI8YALo3lcS++VHYLIaGPfWwj1qXqYU5P9tlIgg/UJu:dxtL7PD4hsy312IhALo3aS++FwIaGPfC","tlshash":"bf72a4e93183b53553eaa9e7403b010af33c3944344f9494f6aeaac63d7651352b3e7a","first_seen":"2026-02-26T15:36:50.730644Z","last_seen":"2026-03-08T14:14:44.227827Z","times_seen":13,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/7ad78725.d.m.D7LCyb2h.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.568Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/7ad78725.d.m.D7LCyb2h.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 4412\r\ntraceparent: 00-5bbdcd076eeddbaaac49f87b6858e0f0-29d931821ebca2ae-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-113c\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":16045,"size_decoded":0,"mime_type":"application/javascript","magic":"ASCII text, with very long lines (13290)","md5":"969b7f3cf77427401b505f78f673830b","sha1":"1659a078169c9903199f0d2ec3a7ba307aab00b0","sha256":"ba08a5c7947f421cb11d3b70f2aa11ebfad24fd466640846dbc0b8bf8a2c8384","sha512":"87632125be7cad53a35b11814d90652a9d755c97d6fd57d7a039f7346659b5b25b63adaf7b4a1941a0428dadbcdf615551fc8f61f5a80bf48d85e6ca423a4b4e","ssdeep":"192:+LPgkrNwcZi4GJYNS05E0jxtzoqNm//yMGphfWyE/K3nEH8eglO61s/qK0UBlGYR:egkrN7GJIN1jrsZGmyE/4nDNxcX9N","tlshash":"77728455e2858c312253caea41b42940f20ecd551269d6a5b6fcd9fddab1c2fe03e3ac","first_seen":"2026-02-26T15:36:50.669506Z","last_seen":"2026-03-01T05:41:07.348198Z","times_seen":4,"resource_available":true,"data":null}},"time_used":9,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/171e0e51.BX1Yg96g.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.191Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/171e0e51.BX1Yg96g.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 561\r\ntraceparent: 00-3741c03539e7db25d0d1df60b25eebac-ff5e5cc1575051df-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-231\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1888,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1887)","md5":"978b7d184a879c9d6e3c9c85599bc325","sha1":"c868c588b1a2a24d0b6d43a7c121534e3b8588c4","sha256":"dd04df8f6527ae8668407b2777477459183dd365679d5d96ee413a73143e4f61","sha512":"6aa58727cf3ad60d38ae6cf2d82400532767ef93d981fbb5ba56a2ad88affd6224368e1ed7c444c107edd2b8e57172cb0d4d9d0f72a9b233829a699e637b60e3","ssdeep":"","tlshash":"14410ff30a0ce334ac63b54f6474d64ac02ad052f55b16e811ff722f86cfae099906ac","first_seen":"2026-01-18T23:41:56.178602Z","last_seen":"2026-03-08T14:14:44.243604Z","times_seen":17,"resource_available":false,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/86620776.d.m.CID0CXav.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.441Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/86620776.d.m.CID0CXav.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1567\r\ntraceparent: 00-0209029b22198b7b33213c8bb72369e0-23c32d2476c8eb49-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-61f\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3988,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (3937)","md5":"5602db64f6f371dc3ad9af75452efc41","sha1":"03d6824dc8fb259e5b8f78964a340642bcd435e5","sha256":"43220932fdb02480653d634dd5602a04aab36492ec648d198debf2a2dbafc08f","sha512":"8b9fd6977bb3d468d066119bea729fa0afb1e8b81027e867ccd88a335afd6345f65f0e4ebbdf89dfb4ba7597daa644365f9bc65c14dff289584d88e7228c39ce","ssdeep":"","tlshash":"5481968db1d170b9d33604e0c02705d9422a576872b2adeaa0af56339a48c68f3ff567","first_seen":"2026-02-26T15:36:50.770851Z","last_seen":"2026-03-01T05:41:07.349164Z","times_seen":4,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-roulette-1.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-roulette-1.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-3e42940bc8c27958cb1043bc5eaeda4c-56a70f3c738d4275-01\r\nlast-modified: Fri, 19 Mar 2021 17:11:17 GMT\r\netag: W/\"12f5-5bde6cde231b5\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 278251\r\ncache: HIT\r\nx-cached-since: 2026-02-26T00:22:53+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":4853,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"a330652e8d9e63c87f6b17ab02fbc724","sha1":"7d781f9d01000f50052faad11b76c23156c58eaf","sha256":"988e9effd6680b71fa8355efb7f41e55baf7fa096fff438cc8838ad0186043a1","sha512":"cf78061c968e5e82be1ee1740d62c65eba749396551fbde6829d1f65a00c2841bb35214d9671e53999229d16a555d58cbf3290c5731ecc54b60b84ff9a05cce8","ssdeep":"96:n8PhecVgS5XbsGy/iyylgH8VJy3Y58tTXSFPv99:nU08JRbdB9yLtTi","tlshash":"24a164ebb3d0b7c0d143e3b0d0229574776729baff6ac3864290ee55aa550c9484ec94","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.361076Z","times_seen":61,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.180Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"788d2fb8-f29c-40b8-ba7e-34a127bcff57\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2842,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"18d13dc9cb98011b86d6bc8ac2ddefe1","sha1":"d105e244b7c10c57730d0efa832d16fcfd5a2813","sha256":"49a1b1a81f8e77787d3ee8b4f90ce16240088750aba604f57de26d559fdc75c0","sha512":"f86e24d914dd2ec7b6b87b029ab80f09c13ab55df6cc2d2e204be3967cb767066aa82b4247b1196ce8db33bb02de168dc94b9877b4c9b87cf929d4d75d9f2e2c","ssdeep":"","tlshash":"4651529b079c1c7ed30a618a78bf3a65284e2027a2c1ef6475da5f7821f5e7b013305d","first_seen":"2026-03-01T05:41:07.350419Z","last_seen":"2026-03-01T05:41:07.350419Z","times_seen":1,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/gtm.js?id=GTM-KGLDT3T","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:29.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /gtm.js?id=GTM-KGLDT3T HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\naccess-control-allow-origin: *\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Cache-Control\r\ncontent-encoding: gzip\r\nvary: Accept-Encoding\r\ndate: Sun, 01 Mar 2026 05:40:30 GMT\r\nexpires: Sun, 01 Mar 2026 05:40:30 GMT\r\ncache-control: private, max-age=900\r\nlast-modified: Sun, 01 Mar 2026 03:00:00 GMT\r\nstrict-transport-security: max-age=31536000; includeSubDomains\r\ncross-origin-resource-policy: cross-origin\r\nserver: Google Tag Manager\r\ncontent-length: 133819\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":529435,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (43657)","md5":"027ae8b32946f8b19dff4705889fcd0a","sha1":"e85eda88598d6c6a4842eab16936ad303d70ef7a","sha256":"ffe489baa45ee4d7c556f35503a851a88e871264ba03986984dbe4994bfd1d4a","sha512":"f741593d4d0ac532d68e871ec77353fadc7f423679917731aabcccf430e8e5b50a78038720bfda509d8ac2b59b81ab4693ad08271821e928fde073e488727313","ssdeep":"6144:RFgtTEalk8+dcHcMoXTLvGd8XZCTzWEzXJDlzqilmo5nborP:tH+HcMoXPs8Nil9nbkP","tlshash":"6cb4f98e73d4b87ac3a65524643f060a663d20e2b14c9590f0d9ccd42e7997972a3fbf","first_seen":"2026-03-01T05:41:07.351216Z","last_seen":"2026-03-01T05:41:07.351216Z","times_seen":1,"resource_available":true,"data":null}},"time_used":268,"timings":{"blocked":80,"dns":2,"connect":21,"send":0,"wait":48,"receive":59,"ssl":56},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/dd2143ca.d.m.BDaCtZJN.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/dd2143ca.d.m.BDaCtZJN.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 20582\r\ntraceparent: 00-c11ad8a894f324a399e5666a5d639763-83e25519e0042264-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-5066\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":64383,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (62242)","md5":"173016191c06704eef04f03986b14bdd","sha1":"9c12772a51df61ebaef02952023c16c464dfca3a","sha256":"b23a26c77610197fcf71c118bb19b4f0f67403cf25eb4c0048c42ba0da66f91f","sha512":"d63d4789357a1eb484c142e89df23fbfc84fd32ac94d52555cca9d00f7aed910d9769993db3e918d1357ad54785f4caab085ef42d9949560340a8afaf1f63212","ssdeep":"768:4hpsMqKvydWIthUY7jwhgmNX5DrjWHQyfgJ8IfhoVkjpWBknQAY68uAgKud+et5d:440yRbYVfh7WBknQL61PHd+ejJm8","tlshash":"b05380cd76d2b0a583a3a034402f940af33e2d55a84dc558f5bbc4d5bcba819863bf6d","first_seen":"2026-02-26T15:36:50.678293Z","last_seen":"2026-03-08T14:14:44.173037Z","times_seen":13,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/pacifico/v23/FwZY7-Qmy14u9lezJ-6H6Mk.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.212Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/pacifico/v23/FwZY7-Qmy14u9lezJ-6H6Mk.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 32280\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Wed, 25 Feb 2026 12:31:11 GMT\r\nexpires: Thu, 25 Feb 2027 12:31:11 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 16 Sep 2025 03:41:35 GMT\r\ncontent-type: font/woff2\r\nage: 320953\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":32280,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 32280, version 1.0","md5":"d150e652cabc5a1d12723ea4140fdfcb","sha1":"8304ce1e39dc93c28ca8dc5752273525a462e8e5","sha256":"99ec044ad9040a708e38f90ebd5984ca03fc46afeee26d5c77c4769c66ed89e2","sha512":"7f1497eeb0e8a1349fedae0428563ad60a48b8ddb1d42595c583d88f0d45500abe86772a9b51e024da763791c430a62e2bb82654ca6b93f8589dc374b708c2c4","ssdeep":"768:ymUaCDnm4OxWqBUK+bStvMxZWA2FsIjPkek2qCzN:ymUF1OxWCqusIjTTzN","tlshash":"1ae2e15f42f09d30d0f20634daa9c5343b50b9fdd19be02a2a5cdc0967a45d9357f1e9","first_seen":"2025-09-17T01:56:31.341257Z","last_seen":"2026-04-04T14:04:46.922003Z","times_seen":2420,"resource_available":false,"data":null}},"time_used":145,"timings":{"blocked":62,"dns":1,"connect":22,"send":0,"wait":17,"receive":1,"ssl":39},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.651Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 140\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":140,"data":"[{\"id\":\"317c3f3f-472e-4916-8c4d-467fa88ffc26\",\"qKey\":\"1a804ae7-152\",\"operationName\":\"getIntercomUserHash\",\"variables\":{\"options\":{\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":195,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f27f9a4e2f54043984dbd6804f23c3a1","sha1":"2758611fcd52995ab08fe191a6353c98743610e0","sha256":"d1539c792a6390654de72c10e33929792ad16252a078eb225bd5be94a1f40c4e","sha512":"b2990644cbb3bdabf4d63f6f2a4d60f7684d7d601307fb3688d9c22f5815306786f9ffa3b34d4c5e3405ddc420848c8c16925ef52dc60168da87facfaf447114","ssdeep":"","tlshash":"01d02282d70b1e035f0471c0a434ba078c3e3836409a783c85c8a61dacd74ec9288b19","first_seen":"2026-03-01T05:41:07.353028Z","last_seen":"2026-03-01T05:41:07.353028Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:36.117Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"459c80c7-9d0f-4730-811a-365b32ee829d\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:36 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2852,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"f1f1bd99306305b006564a41cb3d0fa1","sha1":"d62c8f23d949bbe5c466fed45c4f4d9b09b593f5","sha256":"c4179d01c2f11f68764b5407d0e282678f81e6ca9d1e31682b3881172ada47c3","sha512":"92e181ab53e059d428afcd5bcdc28ca80bc3eeb1756c91bd3a4aec56dd212bbf3a1b0e0357406e1516d6b84b1b63f2d788755b9c31db6ed0e3c50276bf1b7add","ssdeep":"","tlshash":"1951639b479c1c7ed30a21ca78bf3925285e2027a6c1ef5862ea4f7871f5e7b413205d","first_seen":"2026-03-01T05:41:07.353798Z","last_seen":"2026-03-01T05:41:07.353798Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":54,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/94ae4756.d.m.DmZFrEVY.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.024Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/94ae4756.d.m.DmZFrEVY.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 17340\r\ntraceparent: 00-ebcaafe04f4eec3a363dbc738a2709b6-2c88e5b35c5c3533-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-43bc\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":76702,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (29866), with NEL line terminators","md5":"bc183fc5af2aa719ee37d4644d455647","sha1":"58c6354a228268cc6307167d6e6c53da31b6c806","sha256":"f3a526b9816aa702df93ed0391a67e289b6bbb427eb35bb304014483ab6b4d5e","sha512":"8e0ad86daf03238848ed4d89f469409ba993e6640deed2b6eecae6d2d335f8f45bacdb760345865ce19f4e5f6edddc89b4e63c1fde940ef4c7904412a908ef25","ssdeep":"1536:RXm/AUZGfkHm2Qp5gZ/W/RH2GtGUQ7ZKJDbPq:R2YMGB2C62PmQJDbPq","tlshash":"567363ca71c2f0a683e76034002f9405f37a1d75a0bc91a4deaac4f9bdfa5195637f29","first_seen":"2026-02-26T15:36:50.735192Z","last_seen":"2026-03-01T05:41:07.354563Z","times_seen":5,"resource_available":true,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":9,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/4e25ffb2.d.m.dHLnw-58.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.572Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/4e25ffb2.d.m.dHLnw-58.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 310\r\ntraceparent: 00-9c076f75af7c267afbbd863f5215b119-60c51b7bc3c504c7-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-136\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":512,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (461)","md5":"eec812664988c33047428d43327c26c8","sha1":"112e9314babab0ade8acb892668c22bb5872fb46","sha256":"43cdf9882055daeef19044d8909b25140614a15063e0f204e03f20c038c3e3e1","sha512":"ef809b1eb6f8acb17f9c5ba71193a5ee7093bfa4cb11c2894761756f0d9353c44bfdd7b22d28cefb80a2ac2e9133db8d68217caef7e023f15af840482056b1b4","ssdeep":"","tlshash":"a7f0c9ccb2c2b869026700b9803f985ee63a79903acf8090d50a90746e7041a8233e2e","first_seen":"2026-02-26T15:36:50.783339Z","last_seen":"2026-03-01T05:41:07.355412Z","times_seen":5,"resource_available":true,"data":null}},"time_used":8,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-cherry-1.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.937Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-cherry-1.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-46444263e859d710526a2f045d9d0922-034aa104b934de2b-01\r\nlast-modified: Fri, 19 Mar 2021 17:11:17 GMT\r\netag: W/\"903-5bde6cde22214\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 278251\r\ncache: HIT\r\nx-cached-since: 2026-02-26T00:22:53+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":2307,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f7f39547f4e8a3bbb235c0744e02300e","sha1":"cec29670768057f3f1527829b51b756fa4257f1d","sha256":"f7c787a6c2d25303927c9c7a8c60a941044203e259f96a120f8559aac119b7da","sha512":"8cea2f9a4bca0b746648b082ab6b81a8b2ee2c18a8e71e3538924a9e14e63a8c73d07aa364cc9da13fcd896d3aece082ff108c6d1a8bd0d3b67dabb48172ebc2","ssdeep":"","tlshash":"4d4140eae6c8b4e1e187d3c88900d47662eb79fb37bbcb4440846f4966251dd8e4cd90","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.393062Z","times_seen":62,"resource_available":false,"data":null}},"time_used":18,"timings":{"blocked":6,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel?auth=4jg3s6\u0026event=visit\u0026uid=\u0026p3=undefined\u0026p4=\u0026site=leon75.bet\u0026ln=en-US","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.021Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2drtb.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:48:15:25:D2:83:00:DD:7D:70:07:A2:B0:40:FB:88:E5:9B:C3:05","sha256":"59:30:1A:64:93:31:49:89:58:C3:C8:2E:88:12:01:02:54:8C:F0:86:A1:40:B7:58:E0:4A:3B:ED:8D:8F:9F:A0"}}},"request":{"raw":"GET /pixel?auth=4jg3s6\u0026event=visit\u0026uid=\u0026p3=undefined\u0026p4=\u0026site=leon75.bet\u0026ln=en-US HTTP/1.1\r\nHost: pixel-us.r2drtb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 01 Mar 2026 05:40:31 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\nPragma: no-cache\r\nExpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":105,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"track.liftdsp.com/collect?data=eyJpX3NlZ21lbnRfaWQiOjE1NDAzOCwiYl9zZWdtZW50X2lkIjpudWxsLCJsaWZ0X3VzZXJfaWQiOiI0MTAzY2ZlNS1hYzJmLTRhOWQtOTllZS1iZGU4ZjM3MjE4ZjUiLCJwaXhlbF9maXJlX2lkIjoiMTc3MjM0MzYzMTE0OS1jMGEwZWE3Ni02YjEwLTRmNjMtOTkyZC02NWNlNzgyMzdmY2UiLCJwaXhlbF9maXJlX2dyb3VwX2lkIjoiMTc3MjM0MzYzMTE0OS02YTA2MGFkYS00OWVhLTQ5Y2QtYTY4MS0wZGEzODUxYmM2ZmIiLCJjdXN0b21fZGF0YSI6e30sInRyaWdnZXJfcnVsZSI6bnVsbCwiZmluZ2VycHJpbnRfb3J0YiI6IlRXOTZhV3hzWVNBb1YybHVaRzkzY3lCT1ZDQXhNQzR3T3lCWGFXNDJORHNnZURZME95Qnlkam94TXpRdU1Da2dSMlZqYTI4Z1JtbHlaV1p2ZUh4bGJpMVZVM3d4TWpnd2VERXdNalI4VlZSRGZGZHBiak15ZkRJMGZEUTRmREI4Tlh3eE5qSXlNekV6TWpnNWZERXhPVFUxTlRjMU5IeE5aWE5oZkd4c2RtMXdhWEJsZkdWdUxWVlRMR1Z1ZkRGOGZEQjhWMmx1Wkc5M2MzeG1ZV3h6Wlh4aGNIQnNhV05oZEdsdmJpOXdaR1lzZEdWNGRDOXdaR1o4U0dWc2RtVjBhV05oTEVOdmRYSnBaWElzVUdGc1lYUnBibTk4IiwiZmluZ2VycHJpbnRfaGlnaHJlcyI6IlRXOTZhV3hzWVM4MUxqQWdLRmRwYm1SdmQzTWdUbFFnTVRBdU1Ec2dWMmx1TmpRN0lIZzJORHNnY25ZNk1UTTBMakFwSUVkbFkydHZMekl3TVRBd01UQXhJRVpwY21WbWIzZ3ZNVE0wTGpCOFpXNHRWVk44TVRJNE1IZ3hNREkwZkZWVVEzeFhhVzR6TW53eU5IdzBPSHd3ZkRWOE1UWXlNak14TXpJNE9Yd3hNVGsxTlRVM05UUjhUV1Z6WVh4c2JIWnRjR2x3WlE9PSIsInVybCI6Imh0dHBzOi8vbGVvbjc1LmJldC9yZWdpc3RyYXRpb24/cXRhZz1hMzQzMDlfdDM5MjU4X2MxNDJfc3c3aW9zMThtYTI5NnBkbGdqNTA1NGpmdSIsImRldmljZSI6eyJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjAiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXaW4zMiIsInNjcmVlbiI6IjEyODB4MTAyNCIsImRldmljZV90eXBlIjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyJ9LCJ0Y2Zfc3RyaW5nIjpudWxsLCJnZHByX2FwcGxpZXMiOm51bGwsInVzX3ByaXZhY3lfc3RyaW5nIjpudWxsLCJ0aW1lc3RhbXAiOiIyMDI2LTAzLTAxVDA1OjQwOjMxLjE0OVoifQ==","fqdn":"track.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"3.167.2.124","port":443,"asn":0,"as":"","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.736Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"track.liftdsp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Fri, 25 Jul 2025 00:00:00 GMT","end":"Sun, 23 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"F5:18:52:8D:E1:26:95:D7:DB:15:DF:B9:09:C9:C3:C0:77:05:A0:CA","sha256":"73:B8:80:92:8F:BE:DE:B0:39:0F:83:CA:C8:55:E1:16:99:75:C0:B1:4B:73:FD:83:54:F0:AC:CA:65:35:39:40"}}},"request":{"raw":"GET /collect?data=eyJpX3NlZ21lbnRfaWQiOjE1NDAzOCwiYl9zZWdtZW50X2lkIjpudWxsLCJsaWZ0X3VzZXJfaWQiOiI0MTAzY2ZlNS1hYzJmLTRhOWQtOTllZS1iZGU4ZjM3MjE4ZjUiLCJwaXhlbF9maXJlX2lkIjoiMTc3MjM0MzYzMTE0OS1jMGEwZWE3Ni02YjEwLTRmNjMtOTkyZC02NWNlNzgyMzdmY2UiLCJwaXhlbF9maXJlX2dyb3VwX2lkIjoiMTc3MjM0MzYzMTE0OS02YTA2MGFkYS00OWVhLTQ5Y2QtYTY4MS0wZGEzODUxYmM2ZmIiLCJjdXN0b21fZGF0YSI6e30sInRyaWdnZXJfcnVsZSI6bnVsbCwiZmluZ2VycHJpbnRfb3J0YiI6IlRXOTZhV3hzWVNBb1YybHVaRzkzY3lCT1ZDQXhNQzR3T3lCWGFXNDJORHNnZURZME95Qnlkam94TXpRdU1Da2dSMlZqYTI4Z1JtbHlaV1p2ZUh4bGJpMVZVM3d4TWpnd2VERXdNalI4VlZSRGZGZHBiak15ZkRJMGZEUTRmREI4Tlh3eE5qSXlNekV6TWpnNWZERXhPVFUxTlRjMU5IeE5aWE5oZkd4c2RtMXdhWEJsZkdWdUxWVlRMR1Z1ZkRGOGZEQjhWMmx1Wkc5M2MzeG1ZV3h6Wlh4aGNIQnNhV05oZEdsdmJpOXdaR1lzZEdWNGRDOXdaR1o4U0dWc2RtVjBhV05oTEVOdmRYSnBaWElzVUdGc1lYUnBibTk4IiwiZmluZ2VycHJpbnRfaGlnaHJlcyI6IlRXOTZhV3hzWVM4MUxqQWdLRmRwYm1SdmQzTWdUbFFnTVRBdU1Ec2dWMmx1TmpRN0lIZzJORHNnY25ZNk1UTTBMakFwSUVkbFkydHZMekl3TVRBd01UQXhJRVpwY21WbWIzZ3ZNVE0wTGpCOFpXNHRWVk44TVRJNE1IZ3hNREkwZkZWVVEzeFhhVzR6TW53eU5IdzBPSHd3ZkRWOE1UWXlNak14TXpJNE9Yd3hNVGsxTlRVM05UUjhUV1Z6WVh4c2JIWnRjR2x3WlE9PSIsInVybCI6Imh0dHBzOi8vbGVvbjc1LmJldC9yZWdpc3RyYXRpb24/cXRhZz1hMzQzMDlfdDM5MjU4X2MxNDJfc3c3aW9zMThtYTI5NnBkbGdqNTA1NGpmdSIsImRldmljZSI6eyJ1c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NDsgcnY6MTM0LjApIEdlY2tvLzIwMTAwMTAxIEZpcmVmb3gvMTM0LjAiLCJsYW5ndWFnZSI6ImVuLVVTIiwicGxhdGZvcm0iOiJXaW4zMiIsInNjcmVlbiI6IjEyODB4MTAyNCIsImRldmljZV90eXBlIjoiZGVza3RvcCIsIm9zIjoiV2luZG93cyJ9LCJ0Y2Zfc3RyaW5nIjpudWxsLCJnZHByX2FwcGxpZXMiOm51bGwsInVzX3ByaXZhY3lfc3RyaW5nIjpudWxsLCJ0aW1lc3RhbXAiOiIyMDI2LTAzLTAxVDA1OjQwOjMxLjE0OVoifQ== HTTP/1.1\r\nHost: track.liftdsp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: image/gif\r\ncontent-length: 0\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\netag: W/\"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk\"\r\nserver: nginx/1.28.1\r\nx-powered-by: Express\r\nx-cache: Miss from cloudfront\r\nvia: 1.1 36817f2624d87ea26a28cf9e3afd2402.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: OSL50-P2\r\nx-amz-cf-id: gKPcVDXQI2rQRcfeeRH2UZBiiLgB7taHFe5WyVzMz1qzgNyPvHF_tQ==\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Nginx:1.28.1","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Express","description":"Express is a web application framework for Node.js, released as free and open-source software under the MIT License. It is designed for building web applications and APIs.","website":"https://expressjs.com","common_platform_enumeration":"cpe:2.3:a:expressjs:express:*:*:*:*:*:*:*:*","icon":"Express.svg","categories":["Web frameworks","Web servers"]},{"name":"Node.js","description":"Node.js is an open-source, cross-platform, JavaScript runtime environment that executes JavaScript code outside a web browser.","website":"https://nodejs.org","common_platform_enumeration":"cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*","icon":"Node.js.svg","categories":["Programming languages"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]}],"data":{"size":0,"size_decoded":0,"mime_type":"image/gif","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:41.877Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"6db4855e-fdd4-42d2-b85b-2c7f63265206\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:41 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2842,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"73266a2e09f03273d3bb8c8593a4cf91","sha1":"428a2bc98c64ce33c2dbd745b5c4d39a8e22821e","sha256":"0a6cede685687acfe19a56451f3e645c2a666061b29249a85b0d12a1e9d8ae38","sha512":"831c0b86f602deac0d573a21c64d40546d5463ccf698d7384592c59434ce912d9ccb67e54f5e66241ebf7d2e8c3c61a89fe8333d4e86109963498dc14b591fe2","ssdeep":"","tlshash":"3751729b074c1c7ed30a61c678bf3925284e2027a2c0ef54619a4f7831f4e7b013205d","first_seen":"2026-03-01T05:41:07.356868Z","last_seen":"2026-03-01T05:41:07.356868Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f0836975.d.m.B-jDnhKB.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.398Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/f0836975.d.m.B-jDnhKB.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 58750\r\ntraceparent: 00-3bbc34e266d432885af79f6b027be7ce-87505056c4ff6e7b-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-e57e\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":224135,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (24590)","md5":"3da233b38fddad39247c6bd3e9a098f6","sha1":"cd5508cd687ff411d567a65e6311982ccb88d7ee","sha256":"ca28c00b2e4527bc8b7f80c0b909a5a754e2577b01e3cc991d3bf27ca2c33ee8","sha512":"136f2d40b3c4a18690f8549028bc8a5e4139a1ecdef583a7b5bbedb403a7ad73cfd0024fa409162b0a3b7d28a5fc9384738fad20728e98d8c300eb86261ade48","ssdeep":"3072:I8NbFH3qLe5FEwSwXwOlczFAaugR6iVHcVHl2po3y5HL9QYl3tx4C4JdErZ4O5Lh:pLFDgOuFRDV8/2pA/s","tlshash":"6d244ba4738ab43547c451a4902e1b22f17a9c6a645cd018faedcef61fb8446637ef3c","first_seen":"2026-02-26T15:36:50.774113Z","last_seen":"2026-03-01T05:41:07.357759Z","times_seen":5,"resource_available":true,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/65c7eb77.d.m.CyU81GPp.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.435Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/65c7eb77.d.m.CyU81GPp.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1102\r\ntraceparent: 00-2ee658424bd7f8c03de40f241d1a0c4a-27ce164c539e4ab5-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-44e\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":2481,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (2430)","md5":"94c93374b42bff5f26f3a34ea2a87ad6","sha1":"5e054b529cf3c700778621da0f48ccc9118df064","sha256":"ffed4d59c3f7f26c22e09e873b88b73a7fe5068821384713a935e94edf533ace","sha512":"adbee56cc4cb3dce3fa89aeff8848aae95e0b6b1de4b7b9db8ddf7b9d9f89107bedc520d179d55a1012d317027d3a5c1189566309894397c4970bd97fdafdf9e","ssdeep":"","tlshash":"aa5140ccbbfba07026a508e58197b007b3bfe985717d5052f02c55b27a5349f91ab90f","first_seen":"2026-02-26T15:36:50.802105Z","last_seen":"2026-03-01T05:41:07.358629Z","times_seen":4,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/18+-dark-48.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.880Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/18+-dark-48.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 2763\r\ntraceparent: 00-e346b9d02977a85c2d24593c9d95b4ff-36aec43b080669a7-01\r\nlast-modified: Thu, 10 Nov 2022 09:27:30 GMT\r\netag: \"acb-5ed1a61e3e61e\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2763,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"63e9bdf84336ba2f0d7fd0116bbc47e0","sha1":"5f1882ed3aa41267bbdb1c083902955e2a965022","sha256":"2c0b2b2f7ac364b363a152aeddf08ad89a3b4043e3347cead0206158492c8a2a","sha512":"f59720c3a786afb91c58de81a4097faebb49e15008f2918805b041afa60d8e790d2296ccc3b01b008992ca92135c59135f27b7c5760542999f8a5c7089e9b5cb","ssdeep":"","tlshash":"145101efa7d4b2c0d807e3b094094a793adf287f77158744425aaee6fb02094484e8c4","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-31T00:45:46.207178Z","times_seen":122,"resource_available":false,"data":null}},"time_used":354,"timings":{"blocked":67,"dns":8,"connect":13,"send":0,"wait":214,"receive":0,"ssl":43},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-iam.intercom.io/messenger/web/launcher_settings","fqdn":"api-iam.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"44.193.165.2","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.431Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercom.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 13 Nov 2025 00:00:00 GMT","end":"Fri, 11 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:7C:0F:4C:CC:B1:6F:45:04:99:4A:D4:CB:5C:0B:60:CA:75:CD:8E","sha256":"A6:51:D4:CB:51:4E:EF:B9:AD:B6:95:84:A1:3B:92:C1:BF:81:F5:22:36:A3:50:A2:8E:92:09:4A:15:D0:7E:CC"}}},"request":{"raw":"POST /messenger/web/launcher_settings HTTP/1.1\r\nHost: api-iam.intercom.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 614\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":614,"data":"app_id=cnjqphyx\u0026v=3\u0026g=13a802a20105f3a9ee604c01417792e909cb724e\u0026s=6b7c3a2d-ee52-466d-b317-4375efe5f92a\u0026r=\u0026platform=web\u0026installation_type=js-snippet\u0026installation_version=undefined\u0026Idempotency-Key=e660c1d7a825edb2\u0026internal=\u0026is_intersection_booted=false\u0026page_title=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026user_active_company_id=undefined\u0026user_data=%7B%7D\u0026referer=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:32 GMT\r\ncontent-type: application/json; charset=utf-8\r\nstatus: 200 OK\r\nvary: Accept,Accept-Encoding\r\nx-intercom-version: 3a6278ee6fbdf3603b9aef0a30a40e5281af1419\r\naccess-control-expose-headers: x-request-id, x-runtime\r\ncontent-encoding: gzip\r\nx-request-id: 000t9sgsqvs0730q1a70\r\netag: W/\"425b2c15c3643cb2cc30cf77f8382a7b\"\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=0, private, must-revalidate\r\naccess-control-allow-origin: https://leon75.bet\r\nstrict-transport-security: max-age=31556952; includeSubDomains; preload\r\nreferrer-policy: strict-origin-when-cross-origin\r\naccess-control-max-age: 86400\r\nx-xss-protection: 1; mode=block\r\nx-request-queueing: 0\r\ntiming-allow-origin: *\r\naccess-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA, traceparent, X-Continue-Intercom-Trace\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nx-runtime: 0.030191\r\nx-content-type-options: nosniff\r\nserver: nginx\r\nx-ami-version: ami-05c78277a6b2db1be\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":582,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"a74d3851b5a9651c56a729e58a095aa6","sha1":"37219b4b069d0d99193691777e84a7492751123c","sha256":"425b2c15c3643cb2cc30cf77f8382a7b3e8955691edaa6889524e34417016016","sha512":"445456d090d93484166d407c2a695bd8228193ae4252805f81c978e374522d02bcf81c322881a868972542ecf788ad3e3315a5a903be88bb8aec595a6ce39ab4","ssdeep":"","tlshash":"51f0e1ed97cc4c2537d147d9c21f6e1b079645d962901db0f0b8dd98d0eb60b5949507","first_seen":"2026-02-28T15:40:00.740439Z","last_seen":"2026-03-01T05:41:07.35963Z","times_seen":4,"resource_available":false,"data":null}},"time_used":550,"timings":{"blocked":211,"dns":11,"connect":95,"send":0,"wait":127,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"downloads.intercomcdn.com/i/o/cnjqphyx/810341/0b23188d2bb7b3fc6d2a83c390b5/13f3db22a136c3fa5ea34818db1285c9.png","fqdn":"downloads.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:39.663Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Sun, 15 Feb 2026 00:00:00 GMT","end":"Mon, 15 Mar 2027 23:59:59 GMT"},"fingerprint":{"sha1":"23:66:5F:8E:51:2D:4B:82:40:40:71:81:A2:51:36:EB:A6:1C:CC:88","sha256":"80:72:31:EF:B7:D5:AD:73:6E:61:EB:89:36:D5:40:F4:17:D5:E8:6D:26:C6:92:2E:C5:D7:50:B5:9E:A6:B4:CE"}}},"request":{"raw":"GET /i/o/cnjqphyx/810341/0b23188d2bb7b3fc6d2a83c390b5/13f3db22a136c3fa5ea34818db1285c9.png HTTP/1.1\r\nHost: downloads.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"","headers":null,"cookies":null,"status_code":"","status_text":"","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":0,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":0,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/7fbe0154.aYqxiVma.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.214Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/7fbe0154.aYqxiVma.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: text/css\r\ncontent-length: 7112\r\ntraceparent: 00-8910a0b2565fe170028d705e4225a199-2ed9dd74d9a42cda-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-1bc8\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66634\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":41099,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (41098)","md5":"2242648016cf41d72dadf76ee01e1106","sha1":"24cdffbcc8751397b05790addd08dcc4d7943025","sha256":"b266bf6aa19891f02dfc9d0c95c572d3eaf05c0f4148df895c5ff8dc53ddc73a","sha512":"b244b03b3c928e52738c756a86c6b4348da2117460676d1676797d53717e38331bf0c69c97b3746e6fd945a7dbd500ccbf8aec884feebc61bad8a19a295d343a","ssdeep":"384:MN1UNdN81MfOjDv6oQlGDAptFBXW0VTRRq1qlNTISGjaw7yV+ypXmW0cnLXABhH:MjUNdNxgDvy1DXWMFFGWuyp2Wvyp","tlshash":"9a03c7fb8f4c616ab76bf06fd3a5f518690aec43c85258e6c1a4715ca1ca7d383d070a","first_seen":"2026-02-26T15:36:50.673811Z","last_seen":"2026-03-01T05:41:07.360095Z","times_seen":5,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"api-iam.intercom.io/messenger/web/ping","fqdn":"api-iam.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"44.193.165.2","port":443,"asn":14618,"as":"AMAZON-AES","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"xhr","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.443Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercom.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 13 Nov 2025 00:00:00 GMT","end":"Fri, 11 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:7C:0F:4C:CC:B1:6F:45:04:99:4A:D4:CB:5C:0B:60:CA:75:CD:8E","sha256":"A6:51:D4:CB:51:4E:EF:B9:AD:B6:95:84:A1:3B:92:C1:BF:81:F5:22:36:A3:50:A2:8E:92:09:4A:15:D0:7E:CC"}}},"request":{"raw":"POST /messenger/web/ping HTTP/1.1\r\nHost: api-iam.intercom.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nContent-Type: application/x-www-form-urlencoded\r\nContent-Length: 802\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":802,"data":"app_id=cnjqphyx\u0026v=3\u0026g=13a802a20105f3a9ee604c01417792e909cb724e\u0026s=6b7c3a2d-ee52-466d-b317-4375efe5f92a\u0026r=\u0026platform=web\u0026installation_type=js-snippet\u0026installation_version=undefined\u0026Idempotency-Key=769485eaf4eeb625\u0026internal=%7B%22marketo_tracking_cookie%22%3Anull%2C%22hubspot_tracking_cookie%22%3Anull%7D\u0026is_intersection_booted=false\u0026page_title=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026user_active_company_id=undefined\u0026user_data=%7B%22company_id%22%3A%22LI-DEFAULT%22%2C%22language_override%22%3A%22ru_KZ%22%7D\u0026source=apiUpdate\u0026sampling=false\u0026referer=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu"}},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:32 GMT\r\ncontent-type: application/json; charset=utf-8\r\nstatus: 200 OK\r\nvary: Accept,Accept-Encoding\r\nx-intercom-version: 3a6278ee6fbdf3603b9aef0a30a40e5281af1419\r\naccess-control-expose-headers: x-request-id, x-runtime\r\ncontent-encoding: gzip\r\nx-request-id: 001q114h7ckhvr3f9akg\r\netag: W/\"1d455900dc859feea1e21f27783ac5fa\"\r\nx-frame-options: SAMEORIGIN\r\ncache-control: max-age=0, private, must-revalidate\r\naccess-control-allow-origin: https://leon75.bet\r\nstrict-transport-security: max-age=31556952; includeSubDomains; preload\r\nreferrer-policy: strict-origin-when-cross-origin\r\naccess-control-max-age: 86400\r\nx-xss-protection: 1; mode=block\r\nx-request-queueing: 0\r\ntiming-allow-origin: *\r\naccess-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA, traceparent, X-Continue-Intercom-Trace\r\naccess-control-allow-credentials: true\r\naccess-control-allow-methods: POST, GET, OPTIONS\r\nx-runtime: 0.191409\r\nx-content-type-options: nosniff\r\nserver: nginx\r\nx-ami-version: ami-05c78277a6b2db1be\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":6641,"size_decoded":0,"mime_type":"application/json; charset=utf-8","magic":"JSON text data","md5":"c22c09a75fd7d79f700fc5271d819ad3","sha1":"8205f1f5b9517dfaee56915198a7a71705a85f5f","sha256":"1d455900dc859feea1e21f27783ac5fa9a7b173708a66eb93ab0cee1b7e81feb","sha512":"787eef5c81a2f067595d9803660b7782577c4b6973a40fc403b02deef9d6e08975d7f22515355a8174550090d4933b5621535fc872b87722cd6ef729ef82964c","ssdeep":"96:4rHa7YOyaRvUaq2JOHAmJHzlGjzK14zMwaLjGMlbjfZ9B1NAOU5zVfwHwhPD1M6h:4rHa7YKRvUaQgmxTxDB+lw+1MFGtX","tlshash":"2bd1898c45485c3e73cb82dac7557e0a0b7952a7f2942d88f9bccd2d21d7299527b307","first_seen":"2026-03-01T05:41:07.360778Z","last_seen":"2026-03-01T05:41:07.360778Z","times_seen":1,"resource_available":false,"data":null}},"time_used":701,"timings":{"blocked":206,"dns":1,"connect":99,"send":0,"wait":289,"receive":0,"ssl":102},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/app~tooltips.9d96e376.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:38.997Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /app~tooltips.9d96e376.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 76725\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Sat, 28 Feb 2026 18:27:42 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: EkjUULY0H_4Ukd0ApBYMXfRqqPx1Ml5J\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 05:33:13 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"425bca41ce6274f1794c461f0caef00b\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 448\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: d43kctw_eAZqx_cC2CFUeygWblhmmH0-BxHreCTy4CPRHrrgBmRC3A==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":324243,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65457)","md5":"027290e5b29850c6edab6deaced04fe2","sha1":"638a9bcf5020089ced54119504078e10fb76b335","sha256":"65e8e0eb4e7e184b67004e2464fbef6d9ed3612bb202fbe4c45bae35faefb476","sha512":"ac8dade28c292a99630846700417fbc95d0a9b6ffbd50af87d2f425280fef3aabb8a6236684c3370ad9ebfdd25d9b91c4dd34a273cfbe3173856aa9f3d46b030","ssdeep":"6144:yQcoky2V9zpjHqUoPJWQlqIpQjvHtczansruUp4Jkp38Dz:+qUoPJWQlqlvHtczansruQ4JQ3yz","tlshash":"17643cd8b1c6b429f3675128407f140e733e7651f80d4594f66ee8e4e8aa1ca9223fde","first_seen":"2026-02-26T15:36:50.588738Z","last_seen":"2026-03-01T14:57:00.384274Z","times_seen":72,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":18,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/app.I75bNnF2.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:22.779Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/app.I75bNnF2.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:22 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 848\r\ntraceparent: 00-7ab2087c49acbecc8bab24c5e31e6cae-70d1d1a4a79f4848-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-350\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:49+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1866,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1322)","md5":"d32cfc7907bb6d80b5be77d6ad2f8fc5","sha1":"f11dd0cf92ba1d613b98c2190a1df162e5ed4723","sha256":"2fec357092d77027493d3795234ad9618f368821e39a41ba883057a95f0f31ed","sha512":"4464fdedd9a590eae63de5d59b261c567e566b6528a6a8f671054689cce0f81260148e288970629d04421da86af7479bf97f7cc9d4b90f6f4ce4c8b1968acd28","ssdeep":"","tlshash":"67316609639295354aa514fd815f3721b3119fa1317dc6e1e0bc7c6a3db1813ca2bfe2","first_seen":"2026-02-26T15:36:50.75582Z","last_seen":"2026-03-01T05:41:07.333776Z","times_seen":4,"resource_available":true,"data":null}},"time_used":172,"timings":{"blocked":75,"dns":29,"connect":7,"send":0,"wait":9,"receive":0,"ssl":41},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages2.gcdn.co/SC/Leonbets/web2_footer_icons/SBCAwards23%20horizontal%20logo-47.svg","fqdn":"cdnimages2.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.889Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /SC/Leonbets/web2_footer_icons/SBCAwards23%20horizontal%20logo-47.svg HTTP/1.1\r\nHost: cdnimages2.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 32963\r\ntraceparent: 00-93ab8d785f4c863251b5a00dc861af3f-9647254833cb41ac-01\r\nlast-modified: Wed, 29 Nov 2023 14:11:14 GMT\r\netag: \"80c3-60b4b1ba27e77\"\r\naccess-control-allow-origin: *\r\nexpires: Tue, 31 Mar 2026 05:40:25 GMT\r\npragma: public\r\ncache-control: max-age=2592000, public\r\nx-id: sto5-hw-edge-gc19\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":32963,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"39f208963969a20927c77ff170d58fe2","sha1":"157f6e26b782db4a04d09122b259cf005ff47079","sha256":"7b626c040aadee9765e07e14b599af4cc2ed9f265653b5b5ef05aee038338a7e","sha512":"4dfe4615d190c87884b12becb29311f49d0295b64099e82acc41fc50e707536e3aa2da8cfd6ad60503a17ecb45521cc594ee32e4f19c55ac3ce451f9f82ab0d2","ssdeep":"384:RwW7ILFIilDA/XifM1VSVsgMILWtGB9ROdBdhH22jUWQRZ:tMF0SW9gAdBTrIRZ","tlshash":"33e29c5fe369dd77e18ae39cc5008034226a82a779c1c794c2f9ff4f566648a6c0ebd1","first_seen":"2023-12-10T15:49:17Z","last_seen":"2026-03-29T15:19:13.474228Z","times_seen":107,"resource_available":false,"data":null}},"time_used":353,"timings":{"blocked":48,"dns":0,"connect":0,"send":0,"wait":302,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/sports?ctag=ru-KZ\u0026flags=urlv2","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.164Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/sports?ctag=ru-KZ\u0026flags=urlv2 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":281605,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (62271), with no line terminators","md5":"642472b18ddd2ac4ace90847e7789724","sha1":"ac9021d1edd92391ca21ee7d131aaefeda94bf4f","sha256":"f93e977355040d6038b66654c670249c3d1af10119f9abb5d133b8dd304ebe8e","sha512":"eee991b496fe98879d1a422770bee0ceba650ac75c381aa95c1b954491cf3bbff79fe01582af505009a5e683a297fc168b05511961bb2041bb69fe8413d6e00f","ssdeep":"6144:+cDDjFOt+kRw1YSWkcv7jtOxHyV9DV8ctsnaCrK6vAOzGzmg9zicPm7cx4ShsXp3:csRCU1","tlshash":"b354006a319c682ee7142475d8473b6aa3ad109ffd4ddd01f398cecd30b25a427712ab","first_seen":"2026-03-01T05:41:07.362931Z","last_seen":"2026-03-01T05:41:07.362931Z","times_seen":1,"resource_available":false,"data":null}},"time_used":114,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":114,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rubik/v31/iJWKBXyIfDnIV7nFrXyw1W3fxIlGzg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.407Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/rubik/v31/iJWKBXyIfDnIV7nFrXyw1W3fxIlGzg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 15028\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Thu, 26 Feb 2026 08:42:16 GMT\r\nexpires: Fri, 26 Feb 2027 08:42:16 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:33:06 GMT\r\ncontent-type: font/woff2\r\nage: 248290\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":15028,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 15028, version 1.0","md5":"42df88898bab0fab4c59cd7590f670ed","sha1":"5a31376aff3fbaad3396224b7157d1294273b326","sha256":"6285243909b5d0b7d12b5795a99e37355e361ebfeef01b6f8bc95fbe46aa611c","sha512":"6df2554d7064157913f8f19bce08248edb1daaed201da4efdae927d3742a55a3f6584d07c94c5772fbd5222978b6857951054d6699dcdc8e16ba1c7b5bb3c1ca","ssdeep":"384:TzdHStVe4OxNyweZXvvMrcOYVGPfSGOPhz:TzdHS32yVZ/vMzYQHrKz","tlshash":"6762c090cbfdb6e3e93c26b44748fa853dd2fa205837e3d1afc2885170c071a36a5526","first_seen":"2025-06-04T19:39:20.238119Z","last_seen":"2026-04-04T10:53:57.708857Z","times_seen":1613,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":15,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGQ\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026_s=3\u0026tfd=13560","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:35.832Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGQ\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026_s=3\u0026tfd=13560 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 1344\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":1344,"data":"en=customer_registration_note\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343626072\u0026ep.event_action=Registration%20note\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026ep.event_label=Country%20not%20allowed\u0026ep.message=Opening%20an%20account%20at%20Leon%20is%20not%20allowed%20in%20your%20country\r\nen=page_view\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343629946\u0026ep.event_action=Page%20visit\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026ep.first_theme=DARK\u0026seg=1"}},"response":{"raw":"HTTP/3 204 No Content\r\naccess-control-allow-origin: https://leon75.bet\r\ndate: Sun, 01 Mar 2026 05:40:35 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:171:0\r\nreport-to: {\"group\":\"ascnsrsggc:171:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":45,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":44,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"o237537.ingest.us.sentry.io/api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0","fqdn":"o237537.ingest.us.sentry.io","domain":"sentry.io","tld":"io"},"ip":{"addr":"34.160.81.0","port":443,"asn":396982,"as":"GOOGLE-CLOUD-PLATFORM","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.993Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"ingest.sentry.io","organization":"Sentry"},"issuer":{"commonName":"DigiCert Global G2 TLS RSA SHA256 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Thu, 24 Jul 2025 00:00:00 GMT","end":"Mon, 24 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"C4:C7:A0:3C:30:51:F2:AE:98:2C:88:9F:C7:8D:24:55:ED:C3:34:BD","sha256":"78:73:F7:3D:EE:58:1B:F8:9A:1E:17:AB:A3:70:00:86:76:EA:4E:AF:AB:F4:7B:34:5F:FA:39:D8:3B:5D:F4:B5"}}},"request":{"raw":"POST /api/4508036400611328/envelope/?sentry_version=7\u0026sentry_key=49b7cc7b9bcb8faa9bcc1eb74ae4099c\u0026sentry_client=sentry.javascript.vue%2F10.36.0 HTTP/1.1\r\nHost: o237537.ingest.us.sentry.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nContent-Type: text/plain;charset=UTF-8\r\nContent-Length: 419\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":419,"data":"{\"sent_at\":\"2026-03-01T05:40:24.934Z\",\"sdk\":{\"name\":\"sentry.javascript.vue\",\"version\":\"10.36.0\"}}\n{\"type\":\"session\"}\n{\"sid\":\"a15a9de129274a8ca3bbc625ccacdacb\",\"init\":true,\"started\":\"2026-03-01T05:40:24.933Z\",\"timestamp\":\"2026-03-01T05:40:24.933Z\",\"status\":\"ok\",\"errors\":0,\"attrs\":{\"release\":\"6.131.3\",\"environment\":\"prod\",\"user_agent\":\"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\"}}"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/json\r\ncontent-length: 2\r\nvary: origin, access-control-request-method, access-control-request-headers\r\naccess-control-allow-origin: *\r\naccess-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after\r\ncross-origin-resource-policy: cross-origin\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]},{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":2,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"99914b932bd37a50b983c5e7c90ae93b","sha1":"bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f","sha256":"44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a","sha512":"27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd","ssdeep":"","tlshash":"c7100000000000c00000000c00000000000000000c0000000000000000000000000000","first_seen":"2023-03-07T01:15:26Z","last_seen":"2026-04-04T14:49:43.141813Z","times_seen":554336,"resource_available":true,"data":null}},"time_used":53,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":53,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/mascot.C4J6IXOg.svg","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.155Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/mascot.C4J6IXOg.svg HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:26 GMT\r\ncontent-type: image/svg+xml\r\ncontent-length: 4149\r\ntraceparent: 00-e9ef8a977dec5103e3126e1e66f2ea3d-02127ba96bc07621-01\r\nlast-modified: Wed, 01 Oct 2025 12:35:19 GMT\r\netag: \"68dd2007-1035\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 12409655\r\ncache: HIT\r\nx-cached-since: 2025-10-08T14:32:51+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":10810,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"f4cfed5dc8f597a9ce3ace9cc0d54468","sha1":"d02e363b2a9a00da32b6a9d73a03b904ce5650fc","sha256":"86ac12bafdcfdceeca1301bec6db2de3b5d02cf3982a6f11da62e2c383f61662","sha512":"36716691243cea3866beeefab568cc29f891e356ae23a8d02ba59549a74db3119b02b40f017f4841610f27bdbdc17c4f8aa1b34064d10a6c0e413f36b7d1ee19","ssdeep":"192:Mw9sYYA4QVZsvsQHnI3woqdZgC1KlAArjzLCscXRo/f7CVxsjs0q:M6YAXsI14g7V6scBUCVz","tlshash":"812276e437f9a3e4f106f3ec8756e4247e5328fa7a61c569c3aa2c58ea4145c0d98cd3","first_seen":"2025-06-01T01:07:13.940104Z","last_seen":"2026-03-29T15:19:13.408178Z","times_seen":92,"resource_available":false,"data":null}},"time_used":10,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":8,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"js.intercomcdn.com/vendors~sentry~app.6ffaf6b6.js","fqdn":"js.intercomcdn.com","domain":"intercomcdn.com","tld":"com"},"ip":{"addr":"3.164.240.40","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:38.990Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercomcdn.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Tue, 30 Sep 2025 00:00:00 GMT","end":"Wed, 28 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"64:9F:0E:45:43:8B:97:70:93:C0:3C:A3:8C:86:3C:74:78:46:6C:83","sha256":"E3:A5:51:D3:19:77:B6:1B:44:2E:AB:1F:87:9D:CF:AA:C8:71:56:3F:4E:E4:70:F5:F0:03:7E:70:C2:D9:65:BF"}}},"request":{"raw":"GET /vendors~sentry~app.6ffaf6b6.js HTTP/1.1\r\nHost: js.intercomcdn.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 26228\r\ncross-origin-resource-policy: cross-origin\r\nlast-modified: Thu, 26 Feb 2026 13:23:58 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: w9JNQWIjSjfgycq5MbI3C_cNpEXYZark\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 04:08:38 GMT\r\ncache-control: max-age=31536000, s-maxage=7200, public\r\netag: \"f02797b80995cdd4a956d9912aabd15e\"\r\nvary: accept-encoding\r\nx-cache: Hit from cloudfront\r\nvia: 1.1 de27d82c1c354527a5740acf5043eab4.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN53-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\naccess-control-allow-origin: *\r\nage: 5529\r\nx-content-type-options: nosniff\r\nstrict-transport-security: max-age=31536000; includeSubDomains; preload\r\nx-amz-cf-id: -KTS8c1zb9flUgcDEuaKRbm74ORpaVOCm2OQ4UfBz9O4IsBLJucB9g==\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]}],"data":{"size":79172,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"043179025e75b3f210655e32ee0f1a9f","sha1":"368ad62b6af595cede271e7ac4140106ef780284","sha256":"9b03ca1d1601cfaad1efabd6cc84f753eed5273a8746779df06f479bc2190075","sha512":"bab8a9ca8bfbd122f5febe5f793238d0ef40ccfdc2f223de2cab77c157421f7ce45f1c682abdca68466a45bea4705d1be8d21be78a64b46b409ce7123265227d","ssdeep":"1536:cAy1BQKh4+lC4el5txG+u0JnbrpxyR7+hlPp:cAy1Jhm1l0Lan5xy0","tlshash":"0d73a2c9b1d2b02053eb19a5903b410ae77a5994300b8490f67cddde7eba15ee273f2d","first_seen":"2025-12-12T19:24:48.741414Z","last_seen":"2026-04-04T14:28:08.445978Z","times_seen":3796,"resource_available":true,"data":null}},"time_used":24,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":11,"receive":13,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"cdnimages3.gcdn.co/HRJLWPLB/files/showcase/dark/color-promos.svg","fqdn":"cdnimages3.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.961Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /HRJLWPLB/files/showcase/dark/color-promos.svg HTTP/1.1\r\nHost: cdnimages3.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: image/svg+xml\r\ntraceparent: 00-1fbd7f9a3a5c14deab98fd5a74686645-7e5801b36e5059cf-01\r\nlast-modified: Wed, 03 Aug 2022 11:27:28 GMT\r\netag: W/\"699-5e55484974360\"\r\ncontent-encoding: gzip\r\nx-id: sto5-hw-edge-gc19\r\nage: 278251\r\ncache: HIT\r\nx-cached-since: 2026-02-26T00:22:53+00:00\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1689,"size_decoded":0,"mime_type":"image/svg+xml","magic":"SVG Scalable Vector Graphics image","md5":"10156adee5d5413574d9a0b8606a3827","sha1":"53003c416e785a1debf70723c15061c1bfe8f476","sha256":"78271c224efe35393eead263436870aa77b3f67c0ee8abd649edfff455c5dfec","sha512":"2590932f61fc7e1fcda6a008cfcf539bde9c153f45625f4985f96ee753daf87ace64c8ca751d00da26baee288760a33e008081ac8709dea68d3854c565dc4c76","ssdeep":"","tlshash":"933110f162f6a7da9589df60d8b4f426512b14f63dd0c45092d3eb18961b04e6c0db90","first_seen":"2023-07-08T17:48:53Z","last_seen":"2026-03-29T15:19:13.350435Z","times_seen":61,"resource_available":false,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":13,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/50305e4a.d.m.nx7HPMT4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.761Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/50305e4a.d.m.nx7HPMT4.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 626\r\ntraceparent: 00-0fbcdf2d9cd77abdad3ee67d60516c6c-3bf0d502b57be6ea-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-272\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":1073,"size_decoded":0,"mime_type":"application/javascript","magic":"Java source, ASCII text, with very long lines (1022)","md5":"6ac6bd297bfbf1c6f6b2c179f56967d0","sha1":"e5574dd765bc00a0f1d4730c413ff7e8c2db735b","sha256":"9e566e32fb30c2ca197b85d6f073a67697c6d4e97865f8a7f4d0e016a056df6a","sha512":"7026d8c7eea8234412d35a2131d025ae8b6ef27c7f9712b092d54b2c5faeeb92b1506c3c7c71fa83da827a8e3d972480df54674af0c6f1fdf93988dce3c28076","ssdeep":"","tlshash":"6511054ea8909df649046decc02a0070d66b05eaf328959b30ef157b576e971c12ea93","first_seen":"2026-02-26T15:36:50.680705Z","last_seen":"2026-03-01T05:41:07.366049Z","times_seen":4,"resource_available":true,"data":null}},"time_used":66,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"region1.analytics.google.com/g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGQ\u0026_s=2\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026en=customerRegistrationStart\u0026_c=1\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343625775\u0026ep.event_action=Registration%20start\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026tfd=8542","fqdn":"region1.analytics.google.com","domain":"google.com","tld":"com"},"ip":{"addr":"216.239.34.36","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.991Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"POST /g/collect?v=2\u0026tid=G-JZZNGY93CC\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026_p=1772343629948\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026dma_cps=syphamo\u0026dma=1\u0026cid=1485598974.1772343631\u0026ul=en-us\u0026sr=1280x1024\u0026frm=0\u0026pscdl=noapi\u0026_eu=AAAAAGQ\u0026_s=2\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026sid=1772343630\u0026sct=1\u0026seg=0\u0026dt=%D0%9BE%D0%9E%D0%9D%20-%20%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%7C%20%D0%A1%D0%BB%D0%BE%D1%82%D1%8B%20%7C%20LIVE%20%D0%9A%D0%B0%D0%B7%D0%B8%D0%BD%D0%BE\u0026uid=\u0026en=customerRegistrationStart\u0026_c=1\u0026ep.event_country=NO\u0026ep.platform_type=web\u0026ep.device_type=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0)%20Gecko%2F20100101%20Firefox%2F134.0\u0026ep.web_version=6.131.3\u0026ep.theme=DARK\u0026ep.full_url=https%3A%2F%2Fleon75.bet%2Fregistration%3Fqtag%3Da34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\u0026ep.previous_page_url=https%3A%2F%2Fleon75.bet%2F\u0026ep.main_domain=leon75.bet\u0026ep.lead_section=home\u0026ep.event_category=registration\u0026epn.event_timestamp=1772343625775\u0026ep.event_action=Registration%20start\u0026ep.website_product=li\u0026ep.website_skin=default\u0026ep.website_locale=ru_KZ\u0026tfd=8542 HTTP/1.1\r\nHost: region1.analytics.google.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nContent-Length: 0\r\n\r\n","headers":null,"cookies":null,"method":"POST"},"response":{"raw":"HTTP/2 204 No Content\r\naccess-control-allow-origin: https://leon75.bet\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\naccess-control-allow-credentials: true\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:171:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsggc:171:0\r\nreport-to: {\"group\":\"ascnsrsggc:171:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:171:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":107,"timings":{"blocked":36,"dns":0,"connect":11,"send":0,"wait":19,"receive":0,"ssl":35},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pool.liftdsp.com/ul_cb/pixel?id=154038\u0026t=js\u0026sink_id=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\u0026\u0026timestamp=2026-03-01T05:40:31.149Z\u0026fire_id=1772343631149-c0a0ea76-6b10-4f63-992d-65ce78237fce","fqdn":"pool.liftdsp.com","domain":"liftdsp.com","tld":"com"},"ip":{"addr":"35.206.140.87","port":443,"asn":15169,"as":"GOOGLE","country":"Belgium","country_code":"BE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:32.274Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"pool.liftdsp.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M03","organization":"Amazon"},"validity":{"start":"Thu, 04 Sep 2025 00:00:00 GMT","end":"Sat, 03 Oct 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E9:D1:1F:8C:03:79:86:40:F2:82:80:03:91:2F:F5:D3:BE:9E:80:E6","sha256":"45:A8:F2:04:BC:98:4C:A8:E1:9A:B1:A0:3F:CF:0A:6A:43:2C:B4:D6:CC:5C:26:2E:59:FD:FC:B1:AE:AE:58:26"}}},"request":{"raw":"GET /ul_cb/pixel?id=154038\u0026t=js\u0026sink_id=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5\u0026\u0026timestamp=2026-03-01T05:40:31.149Z\u0026fire_id=1772343631149-c0a0ea76-6b10-4f63-992d-65ce78237fce HTTP/1.1\r\nHost: pool.liftdsp.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-length: 0\r\ncontent-type: text/javascript; charset=UTF-8\r\ndate: Sun, 01 Mar 2026 05:40:32 GMT\r\nvia: 1.1 google\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Google Cloud CDN","description":"Cloud CDN uses Google's global edge network to serve content closer to users.","website":"https://cloud.google.com/cdn","common_platform_enumeration":"","icon":"google-cloud-cdn.svg","categories":["CDN"]},{"name":"Google Cloud","description":"Google Cloud is a suite of cloud computing services.","website":"https://cloud.google.com","common_platform_enumeration":"cpe:2.3:a:google:cloud_platform:*:*:*:*:*:*:*:*","icon":"Google Cloud.svg","categories":["IaaS"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/javascript; charset=UTF-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":29,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":29,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/daily-combo?ctag=ru-KZ\u0026locale=ru_KZ","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.773Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/daily-combo?ctag=ru-KZ\u0026locale=ru_KZ HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3409,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"9c64c561f8fe43c8c22c2286dfe74ce8","sha1":"7d33f51e6a4a4a61d0f9375795206a80ef418d1e","sha256":"74d66549f1c7fa01508d21681c33d7c41db2558b0ad9044f94a23853be6a4628","sha512":"5373e131948d81e8bed1557a6bb2b3d50887030d995a23d6451bca6c871bbe67ed7fc26de162c802bedb2617887b554ba1ad9f0e1ba96bedc5da43f35b5660a3","ssdeep":"","tlshash":"5d61f32e078c1dffc78005ddad6b7e2a61f9112765c1dd06e07ecfd86230a59302294e","first_seen":"2026-03-01T05:41:07.36676Z","last_seen":"2026-03-01T05:41:07.36676Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.273Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 495\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":495,"data":"[{\"id\":\"6397550e-56f9-408a-b5ae-160f00785881\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}},{\"id\":\"1e3523aa-401e-49eb-a2db-34d29e2878bc\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3327\",\"ts\":0}}},{\"id\":\"b49d64cf-1b1a-43b4-a322-348f2b350c4e\",\"qKey\":\"1a9cc015-159\",\"operationName\":\"getCmsContentTranslations\",\"variables\":{\"options\":{\"key\":\"WEB2_REGISTRATION_CAUTION_V2\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:26 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6293,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"5bfe5fff3c59a2314b6b8e206ec08908","sha1":"fcd0b5367cacd04671b4503047a789dd12c6a9dd","sha256":"a0e1b78cb21b995cec9a239526c9e07b35d1a43fce392148d5988fdbba3c93d8","sha512":"0f8eba27ce52659a85cb912545462bd3c6489166a971598ea0e790403f0981cd05f6e430d9c11fd39c0e31fec1c2dd49602750ee12fa76fbbc93813fd44d205b","ssdeep":"192:Elbo91E/7o7z70717e7x76SygTg+CwCfU67m7V7+7T7U737RfmhpzJ7vHCgCY:T3q7o7z70717e7x76WLCwCl7m7V7+7Tp","tlshash":"74d1736b4a5c1c7fd34d6089786f795a381e3067a2c0ef5422ef5f6861f4a7a013305d","first_seen":"2026-03-01T05:41:07.367616Z","last_seen":"2026-03-01T05:41:07.367616Z","times_seen":1,"resource_available":false,"data":null}},"time_used":56,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":56,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.googletagmanager.com/td?id=G-JZZNGY93CC\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=2\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026mde=G-JZZNGY93CC;17_2;19_1;47_1;61_1\u0026tdc=G-JZZNGY93CC*G-JZZNGY93CC\u0026z=0","fqdn":"www.googletagmanager.com","domain":"googletagmanager.com","tld":"com"},"ip":{"addr":"142.251.143.136","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.336Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google-analytics.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:36:37 GMT","end":"Mon, 27 Apr 2026 08:36:36 GMT"},"fingerprint":{"sha1":"8B:BA:E2:19:5D:6C:81:59:ED:D8:AA:3B:2D:5F:A3:A2:C8:A1:E3:DF","sha256":"B0:8C:FC:C1:98:34:EB:0E:FF:AB:13:B4:9E:AA:B1:7E:02:11:9A:93:31:F2:A1:0F:23:9E:2B:C3:6F:EC:26:F8"}}},"request":{"raw":"GET /td?id=G-JZZNGY93CC\u0026v=3\u0026t=t\u0026pid=1077871270\u0026gtm=45je62p1h1v871047016za20gzb890860847zd890860847\u0026seq=2\u0026exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026dl=leon75.bet%2Fregistration\u0026tdp=G-JZZNGY93CC;71047016;1;6;0\u0026mde=G-JZZNGY93CC;17_2;19_1;47_1;61_1\u0026tdc=G-JZZNGY93CC*G-JZZNGY93CC\u0026z=0 HTTP/1.1\r\nHost: www.googletagmanager.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 204 No Content\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: text/plain\r\ncross-origin-resource-policy: cross-origin\r\ncontent-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:46:0\r\ncross-origin-opener-policy-report-only: same-origin; report-to=ascnsrsgtc:46:0\r\nreport-to: {\"group\":\"ascnsrsgtc:46:0\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:46:0\"}],}\r\nserver: Golfe2\r\ncontent-length: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"204","status_text":"No Content","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":41,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":40,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/d1f76d1e.d.m.Doz6eonD.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.439Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/d1f76d1e.d.m.Doz6eonD.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 1615\r\ntraceparent: 00-6b6f3b0ec769e373e3cade68b42ad31b-0f77ba9f8b40d94d-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-64f\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":3743,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (3692)","md5":"6ad8d58c5f41b59772324dee886d8c58","sha1":"236a0c9de368717b68ba5e18dd07f5ab2720c8c1","sha256":"2b41c98e6be27b9e8b48716ae8306f774fa303b6b9a1e488cb6724e048a538ff","sha512":"24fbbc9be4af27f99463c3932ca58b519b7db2e02bae8ca29f69eda78ee7a4061b209ca48c6b0524d02c87ed408558f9bd3a50514ed631f4f33727741e0ce7a6","ssdeep":"","tlshash":"e771f9af7fb9e536418286f2b03d72459234915c7025c46061acafca3a67fe05db1f0d","first_seen":"2026-02-26T15:36:50.776882Z","last_seen":"2026-03-01T05:41:07.368458Z","times_seen":4,"resource_available":true,"data":null}},"time_used":43,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/assets/fc6a7b48.B4ZejxGq.css","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.087Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /assets/fc6a7b48.B4ZejxGq.css HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: text/css\r\ncontent-length: 4684\r\ntraceparent: 00-16ce459ceaf01d075190f5a7b2b140aa-17e17e33407afae1-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-124c\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\ncache: MISS\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":25586,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (25585)","md5":"8c4203bf41839dc8aa9b7adec1f198c4","sha1":"574d56162d69acd4f1a969b1bdbbeb96550b1c32","sha256":"7734e3844f30bd1dc1e08be1d090c294943f94806617e3adfe35ed4fd52705a0","sha512":"d3a231b14facee258b36d757714ba5ccb4ec5187bd0ed73467fa084a11aa33339943c8221964140c02c92de0efe97951a1a5bb2d09cd7a4adf3ebdba0bc232ad","ssdeep":"384:q8pPYtpOjTYUs0IRp2UwqIt+2owzL9X/lwNqt6c6vdCKGdWDZrvzskzQCqygDVu7:T8wv9vOM69V8csx09G0","tlshash":"d8b2834aad90b27ff967fb0ee0e1f649b1544c039c92925be5ab463dc3c36d19252b0c","first_seen":"2026-02-26T15:36:50.691681Z","last_seen":"2026-03-04T11:29:43.052395Z","times_seen":5,"resource_available":false,"data":null}},"time_used":129,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":129,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"wss","addr":"leon75.bet/subscriptions?platform=web\u0026skin=default","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"websocket","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.088Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /subscriptions?platform=web\u0026skin=default HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nSec-WebSocket-Version: 13\r\nOrigin: https://leon75.bet\r\nSec-WebSocket-Extensions: permessage-deflate\r\nSec-WebSocket-Key: 43HDdRUIfTKB3VOS5z9JqA==\r\nDNT: 1\r\nConnection: keep-alive, Upgrade\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: websocket\r\nSec-Fetch-Mode: websocket\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\nUpgrade: websocket\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 101 Switching Protocols\r\nServer: nginx/1.27.5\r\nDate: Sun, 01 Mar 2026 05:40:26 GMT\r\nConnection: upgrade\r\nVary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers\r\nupgrade: websocket\r\nsec-websocket-accept: 94LpflrOG3PdR4I27UivY9UEZLg=\r\nStrict-Transport-Security: max-age=31536000; includeSubDomains\r\n\r\n","headers":null,"cookies":null,"status_code":"101","status_text":"Switching Protocols","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]},{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":-1,"dns":1,"connect":21,"send":0,"wait":52,"receive":0,"ssl":30},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.227Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/roboto/v51/KFO7CnqEu92Fr1ME7kSn66aGLdTylUAMa3iUBGEe.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 23664\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 20:03:02 GMT\r\nexpires: Wed, 24 Feb 2027 20:03:02 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Wed, 18 Feb 2026 19:51:36 GMT\r\ncontent-type: font/woff2\r\nage: 380244\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":23664,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 23664, version 1.0","md5":"f92ee388273b5931a1b09a41d3906a3a","sha1":"d38fbadd1b1ceccffbfb43f677698f3a7112f0b4","sha256":"481dd0c01e6bbb129fd147eb5d8571016193cba141c4627ca60ceabdb5a46ea8","sha512":"a3a042b0a845b46de4c272bca16e48d5f332386dc3d4e6e8cf4ebc63238950c265d5a1b3955d257ff12fa3ced224ff11818385256786612130bd35dbd5fe2033","ssdeep":"384:GnNWef/I43MJlQUfZZgeoBpKtbPjHdLE+igeN/T67+mFirVAfPdixSNCsugG3iMF:GsCvIOUfZaeoytbZLE+i9pT67+/rVSdO","tlshash":"96b2e012e6c8bdf6e0c1093e25317ecb298fd9eba8724c624c1ab95d339257c5819d4c","first_seen":"2026-02-19T22:49:57.285177Z","last_seen":"2026-04-04T14:12:40.664151Z","times_seen":3204,"resource_available":false,"data":null}},"time_used":12,"timings":{"blocked":1,"dns":0,"connect":0,"send":0,"wait":10,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.gstatic.com/s/rubik/v31/iJWKBXyIfDnIV7nPrXyw1W3fxIlGzg.woff2","fqdn":"fonts.gstatic.com","domain":"gstatic.com","tld":"com"},"ip":{"addr":"172.217.21.163","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:26.408Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gstatic.com","organization":""},"issuer":{"commonName":"WR2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:00 GMT","end":"Mon, 27 Apr 2026 08:37:59 GMT"},"fingerprint":{"sha1":"43:A0:56:D7:CE:45:C9:96:6F:34:12:13:53:CC:34:DD:63:FB:5D:20","sha256":"A4:AF:37:76:AF:D3:DB:1B:79:93:8F:E9:D4:21:4B:BA:43:54:3D:F9:56:DC:18:E9:5C:CA:1A:7C:B2:C7:DF:9B"}}},"request":{"raw":"GET /s/rubik/v31/iJWKBXyIfDnIV7nPrXyw1W3fxIlGzg.woff2 HTTP/1.1\r\nHost: fonts.gstatic.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://fonts.googleapis.com/\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\naccept-ranges: bytes\r\naccess-control-allow-origin: *\r\ncontent-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes\r\ncross-origin-resource-policy: cross-origin\r\ncross-origin-opener-policy: same-origin; report-to=\"apps-themes\"\r\nreport-to: {\"group\":\"apps-themes\",\"max_age\":2592000,\"endpoints\":[{\"url\":\"https://csp.withgoogle.com/csp/report-to/apps-themes\"}]}\r\ntiming-allow-origin: *\r\ncontent-length: 19480\r\nx-content-type-options: nosniff\r\nserver: sffe\r\nx-xss-protection: 0\r\ndate: Tue, 24 Feb 2026 17:22:00 GMT\r\nexpires: Wed, 24 Feb 2027 17:22:00 GMT\r\ncache-control: public, max-age=31536000\r\nlast-modified: Tue, 09 Sep 2025 18:38:21 GMT\r\ncontent-type: font/woff2\r\nage: 389906\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":19480,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 19480, version 1.0","md5":"bc0d51a55b8ad173adca939390c96045","sha1":"ab757e9eec9f39949afd92e0d2d2ef02f4a859e1","sha256":"d1ee519d0cac55030ec7cc0927a7e57e324d40a5eee5024dde5ed107d888aa46","sha512":"206f7610005d160e3af9fe67ece56868a8f5f2e0afd53ce7a34d022a7832f0100f72779139ea37265c23cbd690e680694cd6c264c198266a1bc561801f0eaf5b","ssdeep":"384:2/bUzzda1Rx/5cod5RQDLZjNObIbbkzJulFGzk5mm+KCnirm6:YUzpMRx/5HRCF34zIFkk0mOl6","tlshash":"9992f1123267a804c15c3a39f67e8e03e2f84a2a35b595a0f95f16d8831c2787126cbf","first_seen":"2025-09-10T18:44:19.134845Z","last_seen":"2026-04-04T03:43:37.767105Z","times_seen":1289,"resource_available":false,"data":null}},"time_used":15,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":12,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900\u0026display=swap\u0026family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400\u0026display=swap\u0026family=Mulish:wght@400;700;900\u0026display=swap\u0026family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap\u0026family=Oswald:wght@200..700\u0026display=swap\u0026family=Rubik:ital,wght@0,300..900;1,300..900\u0026display=swap\u0026family=Pacifico\u0026display=swap","fqdn":"fonts.googleapis.com","domain":"fonts.googleapis.com","tld":"googleapis.com"},"ip":{"addr":"142.250.178.74","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:22.777Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"upload.video.google.com","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:38:07 GMT","end":"Mon, 27 Apr 2026 08:38:06 GMT"},"fingerprint":{"sha1":"6B:DB:3B:B8:9F:A1:8E:49:35:74:D9:D8:24:91:F2:5E:42:56:2F:58","sha256":"37:ED:DF:C4:FB:A3:96:16:9E:47:69:CE:86:A5:35:8E:B5:3A:0B:0B:6A:A1:08:A2:DF:DE:6C:7C:31:BE:94:B1"}}},"request":{"raw":"GET /css2?family=Roboto+Condensed:ital,wght@0,100..900;1,100..900\u0026display=swap\u0026family=Roboto:ital,wght@0,300;0,400;0,500;0,700;1,400\u0026display=swap\u0026family=Mulish:wght@400;700;900\u0026display=swap\u0026family=Prompt:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900\u0026display=swap\u0026family=Oswald:wght@200..700\u0026display=swap\u0026family=Rubik:ital,wght@0,300..900;1,300..900\u0026display=swap\u0026family=Pacifico\u0026display=swap HTTP/1.1\r\nHost: fonts.googleapis.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: text/css; charset=utf-8\r\nvary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site\r\naccess-control-allow-origin: *\r\ntiming-allow-origin: *\r\nlink: \u003chttps://fonts.gstatic.com\u003e; rel=preconnect; crossorigin\r\nstrict-transport-security: max-age=31536000\r\nexpires: Sun, 01 Mar 2026 05:40:23 GMT\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncache-control: private, max-age=86400\r\ncross-origin-opener-policy: same-origin-allow-popups\r\ncross-origin-resource-policy: cross-origin\r\ncontent-encoding: gzip\r\nserver: ESF\r\nx-xss-protection: 0\r\nx-frame-options: SAMEORIGIN\r\nx-content-type-options: nosniff\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"HSTS","description":"HTTP Strict Transport Security (HSTS) informs browsers that the site should only be accessed using HTTPS.","website":"https://www.rfc-editor.org/rfc/rfc6797#section-6.1","common_platform_enumeration":"","icon":"","categories":["Security"]}],"data":{"size":75365,"size_decoded":0,"mime_type":"text/css; charset=utf-8","magic":"ASCII text, with very long lines (1572)","md5":"56bcb2ad9939efbe2c969346b0152b9a","sha1":"7a4afccf58bf029d9f10457d5faf1dc0094cb78c","sha256":"e56c03cef6c4ed2ad4c5cdeea6ec1686dc2cad70a70dd85d3446cec33775e83e","sha512":"993c88d81590b289ce72e70a3b849e6ac4b35e5e3ebe233a5dec368a704ccf4e196cb324da234d5a2dd82438f394c921a23960cb59226af09997a67e70626825","ssdeep":"768:KuujH72NuwEIwLu2ieQ3HDaZzcqj69tha4L8sEDS99YURRuWDyjooYhREHPM5svk:KuGH72NFEIwLzie2Uyll3","tlshash":"2773fda1041b9500eb871cc223cf7e36ee4ea2617051c179affd1a9aecebc62536475d","first_seen":"2026-02-26T15:36:50.796393Z","last_seen":"2026-03-31T00:45:46.222125Z","times_seen":17,"resource_available":false,"data":null}},"time_used":476,"timings":{"blocked":206,"dns":1,"connect":29,"send":0,"wait":54,"receive":0,"ssl":183},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"www.google.no/ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-JZZNGY93CC\u0026cid=1485598974.1772343631\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026z=1316702820","fqdn":"www.google.no","domain":"google.no","tld":"no"},"ip":{"addr":"142.250.178.67","port":443,"asn":15169,"as":"GOOGLE","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:30.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.google.no","organization":""},"issuer":{"commonName":"WE2","organization":"Google Trust Services"},"validity":{"start":"Mon, 02 Feb 2026 08:39:49 GMT","end":"Mon, 27 Apr 2026 08:39:48 GMT"},"fingerprint":{"sha1":"CE:42:4E:D1:C8:99:18:01:BA:4D:0B:75:5E:F8:41:9B:7C:98:09:87","sha256":"B3:D9:56:1E:11:C2:75:BC:1A:B0:66:E1:E3:F3:0F:B7:9B:EE:05:A4:69:10:AA:BC:34:28:C0:22:FC:AA:40:9A"}}},"request":{"raw":"GET /ads/ga-audiences?v=1\u0026t=sr\u0026slf_rd=1\u0026_r=4\u0026tid=G-JZZNGY93CC\u0026cid=1485598974.1772343631\u0026gtm=45je62p1h1v871047016z8890860847za20gzb890860847zd890860847\u0026aip=1\u0026dma=1\u0026dma_cps=syphamo\u0026gcd=13l3lPl2l1l1\u0026npa=1\u0026frm=0\u0026tag_exp=103116026~103200004~104527907~104528501~104573694~104684208~104684211~115616986~115938466~115938468~116024734~117611006\u0026z=1316702820 HTTP/1.1\r\nHost: www.google.no\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\np3p: policyref=\"https://www.googleadservices.com/pagead/p3p.xml\", CP=\"NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC\"\r\ntiming-allow-origin: *\r\ncross-origin-resource-policy: cross-origin\r\ndate: Sun, 01 Mar 2026 05:40:31 GMT\r\npragma: no-cache\r\nexpires: Fri, 01 Jan 1990 00:00:00 GMT\r\ncache-control: no-cache, no-store, must-revalidate\r\ncontent-type: image/gif\r\nx-content-type-options: nosniff\r\nserver: cafe\r\ncontent-length: 42\r\nx-xss-protection: 0\r\nalt-svc: h3=\":443\"; ma=2592000,h3-29=\":443\"; ma=2592000\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":42,"size_decoded":0,"mime_type":"image/gif","magic":"GIF image data, version 89a, 1 x 1","md5":"d89746888da2d9510b64a9f031eaecd5","sha1":"d5fceb6532643d0d84ffe09c40c481ecdf59e15a","sha256":"ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629","sha512":"d5da26b5d496edb0221df1a4057a8b0285d15592a8f8dc7016a294df37ed335f3fde6a2252962e0df38b62847f8b771463a0124ef3f84299f262ed9d9d3cee4c","ssdeep":"","tlshash":"c4900023fa808000c3a8c2300a0b238a2b8c80200a28030b80ae208cec3a3a22c03020","first_seen":"2023-04-05T02:54:03Z","last_seen":"2026-04-04T14:48:41.416319Z","times_seen":763370,"resource_available":true,"data":null}},"time_used":276,"timings":{"blocked":108,"dns":6,"connect":34,"send":0,"wait":48,"receive":0,"ssl":71},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/favicon/favicon-228.png","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.285Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /favicon/favicon-228.png HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: image/png\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: W/\"699d821c-e4c\"\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":3660,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 228 x 228, 8-bit/color RGBA, non-interlaced","md5":"c565bfb0d2b161d0b15e3a5b4e6ddec1","sha1":"02b2e975911f913cd604af7c48628d216eae73e5","sha256":"f54df6349b3aae33b002f4c28bac23076606c4d99b86167d7d796069f7c115cb","sha512":"b315def9b6e768fb0dd4e667a81c954a3f35090b4eef9c12a46428433447eb226f227c9402334c0ae8ef6ae3c02b775ccf7d881b1140a23d6eed5fccefa82954","ssdeep":"","tlshash":"3d717ddddde878c66985742cce9b518ce0854b5073c5a1ad6e90d87254052236c7e74e","first_seen":"2023-12-10T15:49:18Z","last_seen":"2026-03-29T15:19:13.454848Z","times_seen":117,"resource_available":false,"data":null}},"time_used":52,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":52,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/f7f245f3.d.m.7Mk78PX4.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.400Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/f7f245f3.d.m.7Mk78PX4.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 56160\r\ntraceparent: 00-be876dc271a23d00326ed38d01433b5b-925d1370455049f4-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-db60\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]},{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":337818,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, Unicode text, UTF-8 text, with very long lines (37030)","md5":"f153fa5f0da8bd6f795ffdfb4b234623","sha1":"054c09904724e9c7771ddfdc3596ab32bfdb57c8","sha256":"c15e042f8989af29a0bc0ca34f0d6c7c413f4446bab0648858587f2e0b0c5aed","sha512":"56d92b00020bcd98a608bdfb2a1680b8043b95b2c46550a2bbb89af6f1c0e810658f66715a7bf80813423036701aa497cb3b82644df1af91683789cbd56716fc","ssdeep":"6144:mMvOVJHxMVg5W8fR/nXUBL5uz2opBdrhm:mMOVJmy5WoDdm","tlshash":"cc74a819e7526eeb36b0391e712b27e3603247113f61c2b601d64b393e2f84df2665b6","first_seen":"2026-02-26T15:36:50.746045Z","last_seen":"2026-03-01T05:41:07.372029Z","times_seen":4,"resource_available":true,"data":null}},"time_used":13,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":10,"receive":3,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-1","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:41.128Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"POST /api-1 HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu\r\ncontent-type: application/json\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nContent-Length: 157\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK; shield_FPC=SCNMEB9MUck6VKxXhFKhJbBmB4lxQU7ivJ; _ga_JZZNGY93CC=GS2.1.s1772343630$o1$g1$t1772343630$j60$l0$h0; _ga=GA1.1.1485598974.1772343631; pixelsink_uid=4103cfe5-ac2f-4a9d-99ee-bde8f37218f5; intercom-id-cnjqphyx=85381ab1-a36d-4721-b8a9-31da0a6aeb3e; intercom-session-cnjqphyx=; intercom-device-id-cnjqphyx=73ea108a-a9be-4949-8c19-bbffe60d1c88\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":157,"data":"[{\"id\":\"eb585b17-7cb2-4a5c-9d85-0c53ab304150\",\"qKey\":\"78de0be6-1179\",\"operationName\":\"getBanner\",\"variables\":{\"options\":{\"groupId\":\"1\",\"id\":\"3326\",\"ts\":0}}}]"}},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:41 GMT\r\ncontent-type: application/json;charset=UTF-8\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\ncontent-language: en-US\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":2852,"size_decoded":0,"mime_type":"application/json; charset=UTF-8","magic":"JSON text data","md5":"e9e6449bd1ced4946247ee40dfc02ca3","sha1":"b44816c56cd2bad6afacdfee98531d6af32b499d","sha256":"441be39aacbe561f306865d01851c4f8d98d232e3791228e78c44111e07d0b65","sha512":"42aff8a4cb5e5f8d01f46a9e34cd028375eb67e301982c804f5335b8cf6c00a9f5b4f22a89c06bb646e7b78d4a15f1e89e347da8c2f8600b473e969bbd789ece","ssdeep":"","tlshash":"6251549b478c1c7ed30a61ca78bf3925285e2127a6c1ef5861da4f7832f5e7b013205d","first_seen":"2026-03-01T05:41:07.372999Z","last_seen":"2026-03-01T05:41:07.372999Z","times_seen":1,"resource_available":false,"data":null}},"time_used":63,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"mrspeedtime.gcdn.co/js/1788f952.d.m.DfY5zcfv.js","fqdn":"mrspeedtime.gcdn.co","domain":"gcdn.co","tld":"co"},"ip":{"addr":"80.240.113.62","port":443,"asn":199524,"as":"G-Core Labs S.A.","country":"Sweden","country_code":"SE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:23.440Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.gcdn.co","organization":"G-Core Innovations S.a.r.l"},"issuer":{"commonName":"DigiCert Global G3 TLS ECC SHA384 2020 CA1","organization":"DigiCert Inc"},"validity":{"start":"Mon, 14 Jul 2025 00:00:00 GMT","end":"Fri, 14 Aug 2026 23:59:59 GMT"},"fingerprint":{"sha1":"31:C3:DA:25:B0:1F:33:33:70:56:0C:EA:55:D2:CE:7E:B6:E4:8C:71","sha256":"17:C0:97:35:7B:85:89:7F:7C:67:5A:29:D2:64:8E:CE:C3:78:A2:23:B5:1B:87:3D:D1:C6:DC:C7:3A:04:1C:CB"}}},"request":{"raw":"GET /js/1788f952.d.m.DfY5zcfv.js HTTP/1.1\r\nHost: mrspeedtime.gcdn.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nOrigin: https://leon75.bet\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://mrspeedtime.gcdn.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx\r\ndate: Sun, 01 Mar 2026 05:40:23 GMT\r\ncontent-type: application/javascript\r\ncontent-length: 8819\r\ntraceparent: 00-5bba79321787eed5ec8152abbb589e63-6d4d0ad20a707ae0-01\r\nlast-modified: Tue, 24 Feb 2026 10:49:00 GMT\r\netag: \"699d821c-2273\"\r\ncontent-encoding: br\r\nexpires: Thu, 31 Dec 2037 23:55:55 GMT\r\ncache-control: max-age=315360000, public\r\naccess-control-allow-origin: *\r\nvary: Accept-Encoding\r\nx-id: sto5-hw-edge-gc17\r\nage: 66633\r\ncache: HIT\r\nx-cached-since: 2026-02-28T11:09:50+00:00\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":23637,"size_decoded":0,"mime_type":"application/javascript","magic":"JavaScript source, ASCII text, with very long lines (23586)","md5":"633edfefaa187401ffaaec87b2f3e1d1","sha1":"b66d081eac97ae4f96c94e6d3a6b568ea6d3cc0b","sha256":"a53d97d8684adbd4ec41cdb15b5e45fbb2de47aabe652a54e0f591c32fc80888","sha512":"50476afae9e8c9b6114a33f70a37370721ebf74cb0f0167a3400f2aea36da5daf756676966a108ba16086d2b8b752ad3a3bed260951137a6b3706566fe51a4c0","ssdeep":"384:ZwndR13uJ4p7/Jrz77+CHz8pZ3eTlSN++5Fi75sOHCWqJZQeiAdv7KQlVCeYjEth:KndaKpzVz77+CHz8p0xSNL5FIsOHC5J3","tlshash":"7cb2e6e93282707687e60ae5907b1106f2361dd5384e94d0b12ca9e73c33d9d82bbf6d","first_seen":"2026-02-26T15:36:50.750654Z","last_seen":"2026-03-01T05:41:07.37383Z","times_seen":5,"resource_available":true,"data":null}},"time_used":44,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":43,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"leon75.bet/api-2/betline/headline-matches?ctag=ru-KZ\u0026flags=reg,urlv2,orn2,mm2,rrc\u0026merged=true","fqdn":"leon75.bet","domain":"leon75.bet","tld":"bet"},"ip":{"addr":"167.71.65.15","port":443,"asn":14061,"as":"DIGITALOCEAN-ASN","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:24.900Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"leon75.bet","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 13 Jan 2026 07:03:44 GMT","end":"Mon, 13 Apr 2026 07:03:43 GMT"},"fingerprint":{"sha1":"92:44:1B:B8:18:0C:72:CF:E7:D6:23:02:E6:87:EA:DF:C8:6B:E9:BF","sha256":"17:D9:AF:B6:D8:F0:5F:38:3C:BC:16:CB:97:55:3C:04:B7:90:0F:74:26:D6:48:DD:28:43:FC:B0:65:60:E5:79"}}},"request":{"raw":"GET /api-2/betline/headline-matches?ctag=ru-KZ\u0026flags=reg,urlv2,orn2,mm2,rrc\u0026merged=true HTTP/1.1\r\nHost: leon75.bet\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://leon75.bet/\r\nx-app-platform: web\r\nx-app-rendering: csr\r\nx-app-modernity: modern\r\nx-app-env: prod\r\nx-app-skin: default\r\nx-app-layout: desktop\r\nx-app-os: windows\r\nx-app-browser: firefox\r\nx-app-version: 6.131.3\r\nx-requested-uri: /ru-kz/registration\r\nx-app-language: ru_KZ\r\nx-app-theme: DARK\r\nDNT: 1\r\nConnection: keep-alive\r\nCookie: eua=syFTG5xheOkWSiUoL5sV8yfzua4kTECFRduchPnoWjnDn0T+gC2uaXKJsbzQIdC9Ryq2v8H+n+KOfsP4UbX1VkR1z5RFvfOlzs9ocFsIMnG0vK79Lp72Sv59H/+3fZdvEKkU5xU3UxGfLOLJ003AygswpTFsOc8o1xPlT/ZdOhA+C2ClRWvmbbNfAq5cfMCsCeqhBLcy3hsM2rAdP/z5j5B7mA+SV+1wKzFwwI1IfqjsmBE=; ABTestSeed=70; qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu; qtag_rfrr=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu-null; ipfrom=91.90.42.154; x-app-language=ru_KZ; firstTheme=DARK\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\nserver: nginx/1.27.5\r\ndate: Sun, 01 Mar 2026 05:40:24 GMT\r\ncontent-type: application/json\r\nvary: origin,access-control-request-method,access-control-request-headers,accept-encoding\r\nx-content-type-options: nosniff\r\nx-xss-protection: 0\r\ncache-control: no-cache, no-store, max-age=0, must-revalidate\r\npragma: no-cache\r\nexpires: 0\r\nx-frame-options: SAMEORIGIN\r\ncontent-encoding: gzip\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.27.5","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":117541,"size_decoded":0,"mime_type":"application/json","magic":"Unicode text, UTF-8 text, with very long lines (62691), with no line terminators","md5":"a3c31355bd543d577bf1a32d1cf6ccd5","sha1":"809b8dc2b05c3541efd28f4d446d5fa2e49c73d7","sha256":"1b853c311c48a2688d0a83fec44bc8deb7eaf4372cabf7a2166804ac227c7ebe","sha512":"23dc59a02851f72a54ac212a5ff21741a0876d4caef13ae620b993a4fb462e05afc22b117ec1475956678a8fdcabc4b2f0c3c8d8ed859851c0d75e7bd886ae2f","ssdeep":"3072:ZkxexcOlyh/Y/sO3oVREUnp/+W4/ozaSjjAkHyF:ZkxexcOlyh/Y/sO3oVREUnp/+W4/oza/","tlshash":"c1b3ef1863081dbdd7622899cd8b6fb619c4537fbfd8da42b6f8cac431b52ae112111f","first_seen":"2026-03-01T05:41:07.322695Z","last_seen":"2026-03-01T05:41:07.322695Z","times_seen":1,"resource_available":false,"data":null}},"time_used":54,"timings":{"blocked":5,"dns":0,"connect":0,"send":0,"wait":49,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"pixel-us.r2drtb.com/pixel?auth=d796s9\u0026event=regstarted\u0026site=leon75.bet\u0026ln=en-US","fqdn":"pixel-us.r2drtb.com","domain":"r2drtb.com","tld":"com"},"ip":{"addr":"88.214.195.101","port":443,"asn":46636,"as":"NATCOWEB","country":"United Kingdom","country_code":"GB"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.r2drtb.com","organization":""},"issuer":{"commonName":"Sectigo Public Server Authentication CA DV R36","organization":"Sectigo Limited"},"validity":{"start":"Thu, 26 Jun 2025 00:00:00 GMT","end":"Wed, 08 Jul 2026 23:59:59 GMT"},"fingerprint":{"sha1":"D0:48:15:25:D2:83:00:DD:7D:70:07:A2:B0:40:FB:88:E5:9B:C3:05","sha256":"59:30:1A:64:93:31:49:89:58:C3:C8:2E:88:12:01:02:54:8C:F0:86:A1:40:B7:58:E0:4A:3B:ED:8D:8F:9F:A0"}}},"request":{"raw":"GET /pixel?auth=d796s9\u0026event=regstarted\u0026site=leon75.bet\u0026ln=en-US HTTP/1.1\r\nHost: pixel-us.r2drtb.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx\r\nDate: Sun, 01 Mar 2026 05:40:31 GMT\r\nContent-Length: 0\r\nConnection: keep-alive\r\nCache-Control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store\r\nPragma: no-cache\r\nExpires: Sat, 01 Jan 2000 00:00:00 GMT\r\nAccess-Control-Allow-Origin: *\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-04-04T14:49:32.922678Z","times_seen":13335470,"resource_available":true,"data":null}},"time_used":104,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":104,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"widget.intercom.io/widget/cnjqphyx","fqdn":"widget.intercom.io","domain":"intercom.io","tld":"io"},"ip":{"addr":"108.157.229.107","port":443,"asn":16509,"as":"AMAZON-02","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:31.762Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.intercom.com","organization":""},"issuer":{"commonName":"Amazon RSA 2048 M04","organization":"Amazon"},"validity":{"start":"Thu, 13 Nov 2025 00:00:00 GMT","end":"Fri, 11 Dec 2026 23:59:59 GMT"},"fingerprint":{"sha1":"E2:7C:0F:4C:CC:B1:6F:45:04:99:4A:D4:CB:5C:0B:60:CA:75:CD:8E","sha256":"A6:51:D4:CB:51:4E:EF:B9:AD:B6:95:84:A1:3B:92:C1:BF:81:F5:22:36:A3:50:A2:8E:92:09:4A:15:D0:7E:CC"}}},"request":{"raw":"GET /widget/cnjqphyx HTTP/1.1\r\nHost: widget.intercom.io\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ncontent-type: application/javascript; charset=UTF-8\r\ncontent-length: 3164\r\nlast-modified: Sat, 28 Feb 2026 18:30:28 GMT\r\nx-amz-server-side-encryption: AES256\r\ncontent-encoding: gzip\r\nx-amz-version-id: 9bYWEhTnrIwxPadRMtEdzQ2ydnZGkTNA\r\naccept-ranges: bytes\r\nserver: AmazonS3\r\ndate: Sun, 01 Mar 2026 05:36:50 GMT\r\ncache-control: max-age=300, s-maxage=300, public\r\netag: \"d21fb536912d0712092c78a6d8480097\"\r\nx-cache: Error from cloudfront\r\nvia: 1.1 d009c4305a73ef1e26138117423d6076.cloudfront.net (CloudFront)\r\nx-amz-cf-pop: ARN56-P2\r\nalt-svc: h3=\":443\"; ma=86400\r\nx-amz-cf-id: pDb-Vy8_EleRdJ6IjsMsur8FGMHwqSLn5X4VKf2DfmcyfS0vITHuMw==\r\nage: 222\r\ncross-origin-resource-policy: cross-origin\r\nvary: accept-encoding, Origin\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Amazon Web Services","description":"Amazon Web Services (AWS) is a comprehensive cloud services platform offering compute power, database storage, content delivery and other functionality.","website":"https://aws.amazon.com/","common_platform_enumeration":"","icon":"Amazon Web Services.svg","categories":["PaaS"]},{"name":"Amazon CloudFront","description":"Amazon CloudFront is a fast content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency, high transfer speeds.","website":"https://aws.amazon.com/cloudfront/","common_platform_enumeration":"","icon":"Amazon Cloudfront.svg","categories":["CDN"]},{"name":"Amazon S3","description":"Amazon S3 or Amazon Simple Storage Service is a service offered by Amazon Web Services (AWS) that provides object storage through a web service interface.","website":"https://aws.amazon.com/s3/","common_platform_enumeration":"","icon":"Amazon S3.svg","categories":["CDN"]}],"data":{"size":7614,"size_decoded":0,"mime_type":"application/javascript; charset=UTF-8","magic":"JavaScript source, ASCII text, with very long lines (7614), with no line terminators","md5":"af854a90f951ac3fdfc51ddf4cd29fff","sha1":"9c670db542ad54eadfc050ac081b19954d8e82b1","sha256":"2aaef6906303d5768036d6551ee3495dc3544fd7e978ec6136af87283eeff38e","sha512":"6c70751b79eac82b77d6e9b47fbac5f956d7a38c9137a8b5b6e4a6348a19d5250cbae1a24bce0649f3a7c2b18072e62c79e9a899df1317317b800fd4f10a7ee1","ssdeep":"96:v2NH8/xVRyhsXtpZ8HEZgOM09SP0FfpsEZU2jWzfDsJeiMw938I5Zv1JVqUP:v2YVNCH8bMFOaEbjWMMiZ935pqUP","tlshash":"3ff175feb682793806631576623b770c7e3b654528494890d066c8cc7a7adcbc12bfad","first_seen":"2026-02-28T18:53:26.780583Z","last_seen":"2026-03-01T08:51:11.116199Z","times_seen":42,"resource_available":true,"data":null}},"time_used":105,"timings":{"blocked":47,"dns":19,"connect":8,"send":0,"wait":10,"receive":1,"ssl":15},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"d2449.cdn-clients.arviol.com/HRJLWPLB/images/config_logos_v2/scores24_t_30-1770247589885-fd99.png","fqdn":"d2449.cdn-clients.arviol.com","domain":"arviol.com","tld":"com"},"ip":{"addr":"45.155.4.10","port":443,"asn":203755,"as":"Itglobal.com Nl B.v.","country":"The Netherlands","country_code":"NL"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://leon75.bet/ru-kz/registration?qtag=a34309_t39258_c142_sw7ios18ma296pdlgj5054jfu","date":"2026-03-01T05:40:25.380Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.2","cert":{"subject":{"commonName":"cdn-clients.arviol.com","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Tue, 24 Feb 2026 01:02:32 GMT","end":"Mon, 25 May 2026 01:02:31 GMT"},"fingerprint":{"sha1":"23:4F:7D:01:E4:F3:7F:C2:16:03:ED:6A:BD:70:70:66:29:CF:87:71","sha256":"F1:97:F7:9D:D7:F7:F9:3F:DF:BB:CF:70:D3:C1:5E:10:94:07:84:11:D7:9D:EF:43:5A:E5:FE:F6:F8:B9:70:1A"}}},"request":{"raw":"GET /HRJLWPLB/images/config_logos_v2/scores24_t_30-1770247589885-fd99.png HTTP/1.1\r\nHost: d2449.cdn-clients.arviol.com\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://leon75.bet/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Sun, 01 Mar 2026 05:40:25 GMT\r\ncontent-type: image/png\r\ncontent-length: 17710\r\ntraceparent: 00-319658d7613140b1665771d6113df3b1-a2bb777ecce63654-01\r\nlast-modified: Wed, 04 Feb 2026 23:26:29 GMT\r\netag: \"452e-64a07e2c274bb\"\r\nexpires: Sat, 07 Mar 2026 06:00:18 GMT\r\ncache-control: max-age=2592000\r\nx-id: fr5-hw-edge-gc56\r\nage: 4851\r\ncache: HIT\r\nx-cached-since: 2026-02-05T06:00:18+00:00\r\nserver: CDN ITG; cache; ds1, MSK\r\nserver-type: cache; static\r\nlink: \u003chttps://cdnimages3.gcdn.co/HRJLWPLB/images/config_logos_v2/scores24_t_30-1770247589885-fd99.png\u003e; rel=\"canonical\"\r\nx-cache: HIT\r\nserved-by: MSK\r\ncache-ip: 10.155.4.4\r\ncontent-security-policy: upgrade-insecure-requests\r\naccept-ranges: bytes\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Gcore","description":"Gcore is a public cloud and content delivery network (CDN) company.","website":"https://gcore.com","common_platform_enumeration":"","icon":"Gcore.svg","categories":["CDN"]}],"data":{"size":17710,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"bea6fea3c0f3193a59a74efe88e70b85","sha1":"49e152caa5b726fca78b654cf0a7f60b81a1cc68","sha256":"363b006c7d44d6f6223fddc948fc19b0ac87c0b3f0dbe92ef1655ae2a2f947ef","sha512":"3015b81f070aff9720f22dddcc6b1f52ed5df74cd199bbd159b34ebc7f7fa202c507cafeff50af929089476c6b11782f892752c4a35a4a7bc31cb59c351ceae1","ssdeep":"384:jW2QDddgW+ePGzQw0MvkMASUjxqqSqWn1vsU+tfkJTlJxZXskUi+HE:jRQDddgyPG5vkRwwS10z+LHsq+HE","tlshash":"bc82d1c55a5cd3af22d6d4480651b0c0c6f720c6ea96c667272cec302def6b2227bd21","first_seen":"2024-05-15T05:49:44Z","last_seen":"2026-03-01T05:41:07.375122Z","times_seen":9,"resource_available":false,"data":null}},"time_used":368,"timings":{"blocked":145,"dns":37,"connect":32,"send":0,"wait":85,"receive":1,"ssl":64},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}