URL: https://lega.bz/
Submission: On December 03 via api from US — Scanned from CA

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 28 HTTP transactions. The main IP is 104.21.25.189, located in and belongs to CLOUDFLARENET, US. The main domain is lega.bz.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time lega.bz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
20 | 104.21.25.189 | 13335 (CLOUDFLAR...)
6 | 95.181.182.182 | 210756 (EdgeCente...)
1 | 213.174.157.151 | 39572 (ADVANCEDH...)
1 | 104.21.53.38 | 13335 (CLOUDFLAR...)
Total: 28 requests, 4 IPs

Requests | Domain | Requested by
20 | lega.bz | lega.bz, origin.kzac51-resources.com
6 | origin.kzac51-resources.com | lega.bz
1 | api.userstatics.com | lega.bz
1 | ust-barguzin.ucoz.ru | lega.bz
Total: 28 requests, 4 domains

This site contains links to these domains.

Domain
legal38.kupi.cam
t.me

Subject | Issuer | Validity | Valid
lega.bz | WE1 | 2024-11-13 - 2025-02-11 | 3 months
origin.kzac51-resources.com | E5 | 2024-10-25 - 2025-01-23 | 3 months
*.ucoz.ru | GlobalSign GCC R6 AlphaSSL CA 2023 | 2024-08-05 - 2025-09-06 | a year
userstatics.com | WE1 | 2024-11-19 - 2025-02-17 | 3 months

This page contains 1 frames:

Primary Page: https://lega.bz/
Frame ID: DDEAA42802F87C8513E52222A330F85A
Requests: 28 HTTP requests in this frame

Page Title

LEGAL38

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]+foundation[^>"]+css

Page Statistics

Requests: 28
HTTPS: 100 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 3
Transfer: 6682 kB
Size: 7314 kB
Cookies: 3

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lega.bz/
11 KB
3 KB
Document
General
Full URL
https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c10c7063256a1921c15bcb73550775db7ecd64a802c0a515830b0003b4e9ace3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ec4a84e3ad136b0-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 03 Dec 2024 15:40:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rw5jkWRBNW79fJURg9ljPGTHBbCGPLZF3oO9f%2FURuauJ8D3dGhv%2FbT6fYQwOM2UJVLN6gNouPGinlrSYUkWAEdQ9XcySRBjN%2Bbv9iEIQ5KqE5kzdQtUNNLlz"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=26304&min_rtt=25733&rtt_var=3701&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3979&recv_bytes=2272&delivery_rate=142188&cwnd=252&unsent_bytes=0&cid=955474e506baf4a5&ts=427&x=0"
vary
Accept-Encoding
o5XhLyNJFZ7u.css
lega.bz/css/
9 KB
2 KB
Stylesheet
General
Full URL
https://lega.bz/css/o5XhLyNJFZ7u.css
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bac905e20fcafb88df3e85a25c9fb63db983638d18629f4a0f221ec8b5d2c332

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"24da-5f4900c287800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z6rqfyXXRCyaPiFP3UiW5iV%2FVNxhrhe5UbNcRjvASfNLBgpdWckNkxdnaYv5bZ1SXzvBrDt7O7WE3yMkFYNFrdSMaTMh1FUficq3L6weSBbRjWh9FNyxLfCf"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25784&min_rtt=23999&rtt_var=2984&sent=25&recv=26&lost=0&retrans=0&sent_bytes=13452&recv_bytes=3255&delivery_rate=272893&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=721&x=0"
date
Tue, 03 Dec 2024 15:40:50 GMT
content-type
text/css
last-modified
Mon, 13 Feb 2023 07:46:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd4e36b0-YYZ
accept-ranges
bytes
content-length
1638
server
cloudflare
X3ElSPzf4vgy.css
lega.bz/css/
239 KB
38 KB
Stylesheet
General
Full URL
https://lega.bz/css/X3ElSPzf4vgy.css
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a443e0475eb060732e7e922b27362f6cb3eade3fcfb9540cca288df18e36e8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"3bb23-5f4900c287800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=woy44YW9CzTu8faghd5PT3wAmf7rMh%2FZ6Wep%2B31hBYj8VaU8lS%2FDDH7Li15EXshOGLddgNHMb8wlxUTiTo%2BvAlULn%2FWvXUV9i5jJFy%2B6qbpBTqxwUzti9MsW"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25193&min_rtt=23999&rtt_var=772&sent=56&recv=38&lost=1&retrans=7&sent_bytes=35167&recv_bytes=3255&delivery_rate=930985&cwnd=19&unsent_bytes=0&cid=955474e506baf4a5&ts=825&x=0"
date
Tue, 03 Dec 2024 15:40:51 GMT
content-type
text/css
last-modified
Mon, 13 Feb 2023 07:46:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd4f36b0-YYZ
accept-ranges
bytes
content-length
38262
server
cloudflare
73GY7tsub25M.css
lega.bz/css/
754 B
750 B
Stylesheet
General
Full URL
https://lega.bz/css/73GY7tsub25M.css
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eaa90754324d07725df6defce97da8f02e7dbb6de53f2943e021e3ea9672059b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"2f2-5f4900c287800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YaDRSUoSqaNjJsPtaQqhA5yoNfSKJMzJv8%2F%2BKJAG85gXO%2FOVnLuoKGg9vVpXnLYJb4OGydcvgGiDDDkx1TK3KTujHeFIyBE91f%2BGL%2FWMUh%2B69fss628fMaJF"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25833&min_rtt=23999&rtt_var=865&sent=106&recv=54&lost=0&retrans=11&sent_bytes=89824&recv_bytes=3255&delivery_rate=154635&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=2095&x=0"
date
Tue, 03 Dec 2024 15:40:52 GMT
content-type
text/css
last-modified
Mon, 13 Feb 2023 07:46:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5036b0-YYZ
accept-ranges
bytes
content-length
255
server
cloudflare
WdLV1lBPN8kX.css
lega.bz/css/
15 KB
2 KB
Stylesheet
General
Full URL
https://lega.bz/css/WdLV1lBPN8kX.css
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b317951f5d5d687ab8e5ab9255d37bd15889d697d5207ff56ecc9a86f8bda986

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"3a73-5f4900c287800-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uCDDESU%2F0XZhOJXcqGfSvS60wDukt%2Fc5xTT8WGGXxZGSuoQi%2B4nJsNcO5esU8eEm1j0IwMlZAc0XT9TnEQScSdvdRW7HXspE1iG1U8VINJf2IL9BjOqYx18%2B"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25784&min_rtt=23999&rtt_var=2984&sent=44&recv=26&lost=0&retrans=0&sent_bytes=27746&recv_bytes=3255&delivery_rate=272893&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=735&x=0"
date
Tue, 03 Dec 2024 15:40:50 GMT
content-type
text/css
last-modified
Mon, 13 Feb 2023 07:46:40 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5136b0-YYZ
accept-ranges
bytes
content-length
2027
server
cloudflare
hRB8rQIBqztz.js
lega.bz/js/
211 KB
84 KB
Script
General
Full URL
https://lega.bz/js/hRB8rQIBqztz.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2057580c532dd2e49ded3eca78da603b49073dd01814396a28620ba9fd0ecd13

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
MISS
etag
"34aac-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZCvNQLrJsXtI91inLse9xKL7Ltx3hiCcnXFhPmekUsVae50OO9IeTsd5aY8dWUPXqkfhwpf0t%2Brb7oq0giCTw20INuZZMrVKkkqz5bFi6oNOROqw7s7o777g"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec4a863f9f0a246-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27605&min_rtt=25034&rtt_var=8448&sent=17&recv=15&lost=0&retrans=0&sent_bytes=5236&recv_bytes=6089&delivery_rate=414&cwnd=12000&unsent_bytes=0&cid=78384ac64f3c9777&ts=3770&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
priority
u=3,i=?0
xzV6KWZXCCmR.js
lega.bz/js/
29 KB
10 KB
Script
General
Full URL
https://lega.bz/js/xzV6KWZXCCmR.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e972908c1417a57c2ed0bcd2db422462b15443571da3d5d5b1a71c59463657f0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"744d-5f49009c61e00-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIIRDdZrxnVBpAi8v5s%2FHe0j%2Fdqcexwl3iToIVoAYs7RBB7kKUC1lJKyMQHVe3lCZ%2FU7x%2F8sW%2BRcpbWt7YlSp37anOywmp%2B8cOgA8SfXH%2Fpip9QmaEzD6L6O"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=26414&min_rtt=23999&rtt_var=1731&sent=94&recv=48&lost=0&retrans=10&sent_bytes=78350&recv_bytes=3255&delivery_rate=123893&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=1095&x=0"
date
Tue, 03 Dec 2024 15:40:51 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:00 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5236b0-YYZ
accept-ranges
bytes
content-length
9525
server
cloudflare
qfE9XONTfeFC.js
lega.bz/js/
85 KB
30 KB
Script
General
Full URL
https://lega.bz/js/qfE9XONTfeFC.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7478a985e9d7e34fb45e33608fd02310f3ce926dc5219b881bf273c85b8aed5b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"15567-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dyEyXk4qVX9wpHDuVHJmt45YIvAqaGUJOfV%2BuAOdQlkbeQ9CCYwh3zGGHYqU%2FkcAG%2BQ5PGP9NGQIxy5nvRA1pMio6uMqgRgASPEiDlDLMpGVHNu2%2BwMPY4LT"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=26312&min_rtt=23999&rtt_var=2328&sent=127&recv=71&lost=0&retrans=11&sent_bytes=105527&recv_bytes=3255&delivery_rate=404683&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=3215&x=0"
date
Tue, 03 Dec 2024 15:40:53 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5436b0-YYZ
accept-ranges
bytes
content-length
30617
server
cloudflare
fErhvvGeKStx.js
lega.bz/js/
15 KB
6 KB
Script
General
Full URL
https://lega.bz/js/fErhvvGeKStx.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"3b90-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZZmJzLLxSQNYI2%2Bzx4RscYEMju5umMXWWPOnHWSadZMS0QElXc76b12XKh3Uhl6yjnvi6LzpG%2BGm4DQEDJ5T1pjTyoLned7ewVcdp%2BMulkmvgAUuaj0N0vTB"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25784&min_rtt=23999&rtt_var=2984&sent=15&recv=26&lost=0&retrans=0&sent_bytes=6940&recv_bytes=3255&delivery_rate=272893&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=716&x=0"
date
Tue, 03 Dec 2024 15:40:50 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5636b0-YYZ
accept-ranges
bytes
content-length
5860
server
cloudflare
9X5hFwVMNJ2n.js
lega.bz/js/
8 KB
4 KB
Script
General
Full URL
https://lega.bz/js/9X5hFwVMNJ2n.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb318e841b96acb3c2614eec417a4d7caf9606ea996507dccba84e2f6724e7e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"1ff9-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3ccU7c%2F51F9j2PwJ4thJ1Ch3QHlzL6pubou2P9Stj71ZSFwqu%2Fushwih6BndmSviLHyZ0No8cCoh%2FOA6qpViOixWqJx2VBhMiJ60DfCBOP3AAkOeNMjK%2F2%2F"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25833&min_rtt=23999&rtt_var=865&sent=109&recv=54&lost=0&retrans=11&sent_bytes=90640&recv_bytes=3255&delivery_rate=154635&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=2108&x=0"
date
Tue, 03 Dec 2024 15:40:52 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5836b0-YYZ
accept-ranges
bytes
content-length
3396
server
cloudflare
fYZreU4qGUY4.js
lega.bz/js/
43 KB
12 KB
Script
General
Full URL
https://lega.bz/js/fYZreU4qGUY4.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"ad36-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QbWO8ht6K5Oy6r%2BnVmL142js5ebUI3tV7AH%2B2valnAT9jAqjLDIOWmk21k7UswomIjRZES1V%2BRUtrTcxo5LfIghALl7bRkWec1nD4k10mr%2BXa0Ir3DK%2FA6oj"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25784&min_rtt=23999&rtt_var=2984&sent=30&recv=26&lost=0&retrans=0&sent_bytes=15644&recv_bytes=3255&delivery_rate=272893&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=729&x=0"
date
Tue, 03 Dec 2024 15:40:50 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5936b0-YYZ
accept-ranges
bytes
content-length
11412
server
cloudflare
wdTif9eXmole.js
lega.bz/js/
10 KB
3 KB
Script
General
Full URL
https://lega.bz/js/wdTif9eXmole.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce0f880b2d9c9c0205fcea92a1506fe52571c12438d74029cf7ccbcff9c4d0ce

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"28a1-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hpj8VrLOrQMrA5YqK45nBvL4hnZ7OIzFlHgOTmX8rb%2B%2FwfpWP%2Bb74I2m02wdHnHhfeqkqFRmEeCsk6xJJ1YgAU3ao5TubJZztCbwdk84JG56wdWSjgkxmyrk"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30499&min_rtt=23999&rtt_var=10980&sent=114&recv=58&lost=0&retrans=11&sent_bytes=94565&recv_bytes=3255&delivery_rate=244376&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=3141&x=0"
date
Tue, 03 Dec 2024 15:40:53 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850bd5b36b0-YYZ
accept-ranges
bytes
content-length
2799
server
cloudflare
lkse0yGesSiZ.js
lega.bz/js/
19 KB
7 KB
Script
General
Full URL
https://lega.bz/js/lkse0yGesSiZ.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"4dd7-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=me249L4Kbqu41vV60PZE6RDfCyqwztxx0HxvlaY9TAl2xQEfAvxZBKWs%2FHc4cPHwVq%2B%2FgnH5JxBsKEiR6SAYVAIjDor6c8r4158Ix8eF6gmql9Lp1NxS0Z%2F7"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=30499&min_rtt=23999&rtt_var=10980&sent=119&recv=58&lost=0&retrans=11&sent_bytes=97894&recv_bytes=3255&delivery_rate=244376&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=3158&x=0"
date
Tue, 03 Dec 2024 15:40:53 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850dd7036b0-YYZ
accept-ranges
bytes
content-length
7007
server
cloudflare
02GAG8nw5QvQ.js
lega.bz/js/
15 KB
2 KB
Script
General
Full URL
https://lega.bz/js/02GAG8nw5QvQ.js
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab4198e62ca7f3a4b0f14b4e06985f4cc9b203b2b2b008b7359fbbf9b0293dfb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
"3a48-5f49009e4a280-gzip"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dJoFOXJu4nch%2BYDOTs1DWbAE5vCzVb86gPldFGsiDVtM0m2ot8NMxMXR%2FZhHoKVUabkH6W39te6mO1CsBuOksucWRK%2BFCYje%2BkSmcDKeCZ8PWkLAh3IHFPM1"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=26318&min_rtt=23000&rtt_var=302&sent=301&recv=125&lost=2&retrans=22&sent_bytes=316228&recv_bytes=3255&delivery_rate=883649&cwnd=48&unsent_bytes=13090&cid=955474e506baf4a5&ts=3492&x=0"
date
Tue, 03 Dec 2024 15:40:53 GMT
content-type
text/javascript
last-modified
Mon, 13 Feb 2023 07:46:02 GMT
vary
Accept-Encoding
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a850dd7136b0-YYZ
accept-ranges
bytes
content-length
2064
server
cloudflare
foundation-lib.css
origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/
35 KB
7 KB
Stylesheet
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/foundation-lib.css?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
35f7b461a7e2f4d5aacdf71d0846e64118eb412eb40046c9580c36c537547be1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
MISS
content-encoding
gzip
etag
W/"6ced7b00caac605a69a3160b344bd1ab"
x-amz-storage-class
STANDARD
x-amz-request-id
tx0000058334006b8957817-00674f2684-81940be-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Wed, 30 Aug 2023 00:51:54 GMT
x-node
m9-up-gc7
style.css
origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/
95 KB
20 KB
Stylesheet
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/style.css?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
40632f46d339e33d7fb1cfcf78aec63533d77105d04b4eefce689b44096544bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
MISS
content-encoding
gzip
etag
W/"26382b46664e3681cbccf12be68229a7"
x-amz-storage-class
STANDARD
x-amz-request-id
tx0000067b3ba28f2387d77-00674f2684-818cd51-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Wed, 30 Aug 2023 00:51:57 GMT
x-node
m9-up-gc8
custom.css
origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/
5 KB
1 KB
Stylesheet
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/css/custom.css?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
8e26dd214bc5ebc2804d35fa0e46b8c297386d08afc0f77c9b1c0d5ae114d82f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
MISS
content-encoding
gzip
etag
W/"b9fa30711fad267e78a0553c10d56896"
x-amz-storage-class
STANDARD
x-amz-request-id
tx0000082096a8d684144ae-00674f2684-818cd39-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
text/css
vary
Accept-Encoding
server
nginx
last-modified
Wed, 30 Aug 2023 00:50:36 GMT
x-node
m9-up-gc31
app.js
origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/
5 KB
2 KB
Script
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/app.js?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
d6adc136149ef28fa0aaa5945757940fb7ee9e6589ba55b9fb46b7d9d6097af1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
STALE
content-encoding
gzip
etag
W/"ba3a36b8f8e732b76a4afdec8e5ddb77"
x-amz-storage-class
STANDARD
x-amz-request-id
tx000006140cf6746df54c5-00674e78eb-8194163-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Wed, 30 Aug 2023 00:49:16 GMT
server
nginx
x-cached-since
2024-12-03T03:20:11+00:00
x-node
m9-up-gc28
script.js
origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/
38 KB
10 KB
Script
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/script.js?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
d06bf2b5fdc6603848b723a47dcd188759c149aef8d86d12be531f276ecb0ead

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
STALE
content-encoding
gzip
etag
W/"52e65fb07ed347b363c651b1e4c79e79"
x-amz-storage-class
STANDARD
x-amz-request-id
tx0000005b43cec6146a7b7-00674e78eb-818cd51-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Wed, 30 Aug 2023 00:49:56 GMT
server
nginx
x-cached-since
2024-12-03T03:20:11+00:00
x-node
m9-up-gc70
online.js
origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/
4 KB
2 KB
Script
General
Full URL
https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/online.js?v=1.0.12
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.181.182.182 Perm, Russian Federation, ASN210756 (EdgeCenterLLC EdgeCenter LLC, RU),
Reverse DNS
Software
nginx /
Resource Hash
bca9a4c91576697b7652e48dcd2da9b962a305998be1fd7dc93f5779cdb6add3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache
STALE
content-encoding
gzip
etag
W/"759dae7fb41798a002e468ae8a368ab4"
x-amz-storage-class
STANDARD
x-amz-request-id
tx000000834a04bcd3d4263-00674e78eb-818cd39-dt2
access-control-allow-origin
*
date
Tue, 03 Dec 2024 15:40:52 GMT
x-rgw-object-type
Normal
content-type
application/javascript
last-modified
Wed, 30 Aug 2023 00:49:16 GMT
server
nginx
x-cached-since
2024-12-03T03:20:11+00:00
x-node
m9-up-gc81
logo7.png
lega.bz/images/
6 MB
6 MB
Image
General
Full URL
https://lega.bz/images/logo7.png
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f96311e0a7d6cff7f75dd172cab392f2ec16aa90133948fd7860c679ba1168

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"5fa5c8-5f4900a21ab80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SCjnbtsfGZ90CAsi8j1CfW4UP7dEixsr%2BpJZ8wo9xZeae%2FG%2F4zV0EBUnxoCoqKttmUOn7yLCNEFv9GvxfTxbYa1FhwQWbW1ykwvTawkujD40wzgd5w%2BYvjMA"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec4a850dd7236b0-YYZ
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=25756&min_rtt=23000&rtt_var=406&sent=155&recv=81&lost=0&retrans=12&sent_bytes=138200&recv_bytes=3255&delivery_rate=857986&cwnd=254&unsent_bytes=0&cid=955474e506baf4a5&ts=3343&x=0"
content-length
6268360
date
Tue, 03 Dec 2024 15:40:53 GMT
content-type
image/png
last-modified
Mon, 13 Feb 2023 07:46:06 GMT
vary
Accept-Encoding
server
cloudflare
urls.json
lega.bz/
269 B
882 B
XHR
General
Full URL
https://lega.bz/urls.json
Requested by
Host: origin.kzac51-resources.com
URL: https://origin.kzac51-resources.com/webStaticKZ/promo/qatar/js/script.js?v=1.0.12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06282618337ecffc870e52e2cbc81f3a33195d09593d159b461d9893835bc4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8foluanYrBDuU7z5IDzg5938Ff0LGbrS5DDvuUuYuqeKufSRn3XEwJThqQjO4KXKRuHqgJykC05%2BlUZaMJVPtPsyIdU2jrKRZ%2B%2BT17zXeVXdGejAWHWJlfI1"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec4a86409fda246-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27605&min_rtt=25034&rtt_var=8448&sent=16&recv=15&lost=0&retrans=0&sent_bytes=4331&recv_bytes=6089&delivery_rate=414&cwnd=12000&unsent_bytes=0&cid=78384ac64f3c9777&ts=3718&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
text/html; charset=iso-8859-1
server
cloudflare
priority
u=1,i
JTIn4jctEFZp.woff
lega.bz/fonts/
42 KB
43 KB
Font
General
Full URL
https://lega.bz/fonts/JTIn4jctEFZp.woff
Requested by
Host: lega.bz
URL: https://lega.bz/css/o5XhLyNJFZ7u.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548a47089e8e80acab92b9766a8cc2a3ce717eb8773a45e10b5bc37576e55a99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lega.bz
Referer
https://lega.bz/css/o5XhLyNJFZ7u.css

Response headers

cf-cache-status
MISS
etag
"a85c-5f4900bccea80"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8yU3EwvDL0CqyobzD2rEEhXA3kc0%2FMg8Y3mmTXRvS6nviKGFTclBLX3Xu%2BzVI5aRb622bRzGYrfrM%2BKZJL38L6JXLieWCFjlY7XE%2FcvArLXIG%2FFgeBUVjYKe"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27774&min_rtt=25034&rtt_var=2201&sent=33&recv=20&lost=2&retrans=2&sent_bytes=22708&recv_bytes=6324&delivery_rate=14237&cwnd=8400&unsent_bytes=0&cid=78384ac64f3c9777&ts=3820&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
font/woff
last-modified
Mon, 13 Feb 2023 07:46:34 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a8644a33a246-YYZ
accept-ranges
bytes
content-length
43100
server
cloudflare
fGv697KQP8DM.woff
lega.bz/fonts/
43 KB
44 KB
Font
General
Full URL
https://lega.bz/fonts/fGv697KQP8DM.woff
Requested by
Host: lega.bz
URL: https://lega.bz/css/o5XhLyNJFZ7u.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e531ddcedbaae644e6d08d0eab3e86a777097bec29652205842924e6606b246a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lega.bz
Referer
https://lega.bz/css/o5XhLyNJFZ7u.css

Response headers

cf-cache-status
MISS
etag
"adf0-5f4900b345400"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BUdaQsdf13VDg3QqmXTfzXNtlveUheapTjGpeaIGX1jImAX6u4OfARSsF3ISbaDW%2FEpwOV29nxBlk2uRnzZdxgG5I80F38Eh8cSuQzGEW1mK2%2BocopRN6Yi7"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=45898&min_rtt=24837&rtt_var=13361&sent=70&recv=39&lost=7&retrans=7&sent_bytes=62308&recv_bytes=7266&delivery_rate=328670&cwnd=6720&unsent_bytes=0&cid=78384ac64f3c9777&ts=3953&x=1", cfExtPri, cfHdrFlush;dur=2
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
font/woff
last-modified
Mon, 13 Feb 2023 07:46:24 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a8644a34a246-YYZ
accept-ranges
bytes
content-length
44528
server
cloudflare
wABPF6hv9q18.woff
lega.bz/fonts/
44 KB
44 KB
Font
General
Full URL
https://lega.bz/fonts/wABPF6hv9q18.woff
Requested by
Host: lega.bz
URL: https://lega.bz/css/o5XhLyNJFZ7u.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
323fbf2a733b1261eaa0d3e5e293423b546cd18ab7642fe30ce3c05ae0e6f4d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://lega.bz
Referer
https://lega.bz/css/o5XhLyNJFZ7u.css

Response headers

cf-cache-status
MISS
etag
"aec8-5f4900aba4200"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Dx%2BfVSUQYCZ5x5AYCBox4N37Gy4%2Fp%2B9hYT5ytW4baCHuTvkyJlTi9eNN1QxvZ82oaU4Z%2BorxDXA7QkJo2XJiByOrIcZURzCPkIsVsqQl2sc6i6sFR7xfzlnm"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=40520&min_rtt=24837&rtt_var=12490&sent=64&recv=36&lost=6&retrans=6&sent_bytes=55931&recv_bytes=7135&delivery_rate=328615&cwnd=9600&unsent_bytes=0&cid=78384ac64f3c9777&ts=3927&x=1", cfExtPri, cfHdrFlush;dur=5
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
font/woff
last-modified
Mon, 13 Feb 2023 07:46:16 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8ec4a8644a35a246-YYZ
accept-ranges
bytes
content-length
44744
server
cloudflare
marijuana-jamaica_00265850.jpg
ust-barguzin.ucoz.ru/Newsweek/
172 KB
173 KB
Image
General
Full URL
https://ust-barguzin.ucoz.ru/Newsweek/marijuana-jamaica_00265850.jpg
Requested by
Host: lega.bz
URL: https://lega.bz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.174.157.151 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS DataWeb Global Group B.V., NL),
Reverse DNS
Software
nginx /
Resource Hash
377ef2ba23fc4a0160a5d4d6ec306df3c20420cfa5845e4405c01eb6aed1df90
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

Cache-Control
max-age=1728000
ETag
"5333c7b7-2b0cc"
Connection
keep-alive
Expires
Mon, 23 Dec 2024 15:40:56 GMT
Accept-Ranges
bytes
Content-Length
176332
Keep-Alive
timeout=15
Date
Tue, 03 Dec 2024 15:40:56 GMT
Content-Type
image/jpeg
Last-Modified
Thu, 27 Mar 2014 06:39:51 GMT
Server
nginx
X-Frame-Options
SAMEORIGIN
/
api.userstatics.com/get/static.jshttps://lega.bz/
141 B
887 B
Script
General
Full URL
https://api.userstatics.com/get/static.jshttps://lega.bz/
Requested by
Host: lega.bz
URL: https://lega.bz/js/qfE9XONTfeFC.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.53.38 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.2.1
Resource Hash
07cbf566eacbcc8ad734cadf5642dc3893334011c08355f95f8c84766f989ea8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

content-encoding
zstd
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5IgAqglWM6q92Bym0woC7JFD6WhJSdwhmQlaKi23uc3XZe1Rk9EFawu%2FC2zrvuT0NwEfNT5cuJ73WNcpiPjs1nwPOYaKHR7U7Isy8%2BN1i48YDVDdoFSmdKgzIaTAwaRKslPGpRdM"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods
GET, POST
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32829&min_rtt=29830&rtt_var=9949&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4240&recv_bytes=5671&delivery_rate=509&cwnd=12000&unsent_bytes=0&cid=7c0def140576f819&ts=335&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:40:54 GMT
content-type
text/javascript; charset=utf-8
priority
u=3,i=?0
access-control-allow-headers
X-Requested-With,content-type
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8ec4a8699ef736f9-YYZ
access-control-allow-origin
https://lega.bz
x-powered-by
PHP/8.2.1
server
cloudflare
favicon.ico
lega.bz/
269 B
869 B
Other
General
Full URL
https://lega.bz/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.25.189 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e06282618337ecffc870e52e2cbc81f3a33195d09593d159b461d9893835bc4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://lega.bz/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jOu6FsAkZAiBd2uWhrw4lrTU7aFLtaNvxGfV0Om4PIu2lFUmU1myVnsC%2BBkfMEgjSfoQyx5udet2sr2QuFxwNVv5Pucd7zVXb6708H9Ad3wahRy6zvj%2FPao1"}],"group":"cf-nel","max_age":604800}
cf-ray
8ec4a881edc5a246-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=635418&min_rtt=24837&rtt_var=102633&sent=256&recv=135&lost=26&retrans=26&sent_bytes=256232&recv_bytes=12276&delivery_rate=94546&cwnd=5308&unsent_bytes=0&cid=78384ac64f3c9777&ts=8105&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 03 Dec 2024 15:40:58 GMT
content-type
text/html; charset=iso-8859-1
vary
Accept-Encoding
server
cloudflare
priority
u=1,i

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| marked function| $ function| jQuery object| $jscomp function| saveDecodeURIComponent object| lucid function| utm function| QRCode string| siteVersion string| headerVersion string| registrationVersion string| contentWidgetVersion string| clickStreamVersion string| vipPromoVersion string| cusIdentVersion string| contentVersion string| registrationFrameVersion string| identFrameVersion string| getAppsVersion string| prepareProcessDevRunVersion string| registrationWidgetVersion string| unsubscribePageVersion string| mailingWebViewVersion string| statisticsFrameVersion string| statisticsFrameMobileVersion boolean| saveGAClientIdToAdvertInfo object| urlsConfig string| announcementVersion string| beFirstVersion string| betBattleSeVersion string| betCounterVersion string| betTimer2dVersion string| betTimerLuckyNumberVersion string| cashBackVersion string| lostAmountCashBackByPromoCodeSeVersion string| roulette2dVersion string| rouletteSeVersion function| random function| declension function| ajax function| ajax2 function| short function| qrcode function| rules function| error function| initReg function| userAgent object| isMobile function| action function| show function| hide function| hash function| getCookie function| getParameterByName function| detectLang function| initLang function| setPromo function| setLang function| ajaxFormCustom function| ajaxForm function| ajaxSubmit function| checkInitData function| checkEmptyData function| updateData function| init function| render function| initLine number| refreshIntervalId function| RGBToHex object| params string| lang object| fonapi object| popups object| app object| Ya

3 Cookies

Domain/Path Name / Value
lega.bz/ Name: PHPREFS
Value: full
.lega.bz/ Name: advertInfo
Value: utm_source%3Dlanding_lega.bz%26utm_medium%3Dreferral%26utm_term%3Dlanding_lega.bz%26%26partner%3Dlanding_lega.bz
.lega.bz/ Name: lang
Value: ru

3 Console Messages

Source Level URL
Text
security warning URL: https://lega.bz/js/qfE9XONTfeFC.js(Line 1)
Message:
Mixed Content: The page at 'https://lega.bz/' was loaded over HTTPS, but requested an insecure element 'http://ust-barguzin.ucoz.ru/Newsweek/marijuana-jamaica_00265850.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network error URL: https://lega.bz/urls.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://lega.bz/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
