luckyforbet.com/i/29414
20 B IP
ASN #60781 LeaseWeb Netherlands B.V.
File type gzip compressed data, from Unix\012- data
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /i/29414 HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 04 Dec 2023 06:33:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; expires=Tue, 05-Dec-2023 06:33:29 GMT; Max-Age=86400; path=/
TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; expires=Tue, 05-Dec-2023 06:33:29 GMT; Max-Age=86400; path=/
trk_cpa_pixel=09de8060-926f-11ee-ba71-6959eefea15f; expires=Fri, 02-Feb-2024 06:33:29 GMT; Max-Age=5184000; path=/
Location: https://luckyforbet.com/h/Ozg3jdiOr95jaEpZt.tynFThe3ZKf2bWxtdKj1N7z5OejaMip86tFyCau2EAj7lPpo1rhBonU2IhWhqjLn2bKNhFlxU84GxvKtkhFeXR.8SYNiP4RGBU9RlDL9O1xn7i29Vzobf8NUhjRSkzT7TzIysM62gb.xbDxKOa5kC1uedWBj6Dcf1Zh4dFZ_qSUEd4.FuVIRI.Pv45LmbJCxd3jvnLAfqJ3YdkYQXf7Dd7XLWWdk02XzLx8Ya8b7Wo9Hn_vTOX2bPa6SgJNQ.rUNNQnMxicApUPOwG8v2YZlcGTDcqq.qq
Content-Encoding: gzip
Vary: Accept-Encoding
luckyforbet.com/h/Ozg3jdiOr95jaEpZt.tynFThe3ZKf2bWxtdKj1N7z5OejaMip86tFyCau2EAj7lPpo1rhBonU2IhWhqjLn2bKNhFlxU84GxvKtkhFeXR.8SYNiP4RGBU9RlDL9O1xn7i29Vzobf8NUhjRSkzT7TzIysM62gb.xbDxKOa5kC1uedWBj6Dcf1Zh4dFZ_qSUEd4.FuVIRI.Pv45LmbJCxd3jvnLAfqJ3YdkYQXf7Dd7XLWWdk02XzLx8Ya8b7Wo9Hn_vTOX2bPa6SgJNQ.rUNNQnMxicApUPOwG8v2YZlcGTDcqq.qq
372 B URL luckyforbet.com/h/Ozg3jdiOr95jaEpZt.tynFThe3ZKf2bWxtdKj1N7z5OejaMip86tFyCau2EAj7lPpo1rhBonU2IhWhqjLn2bKNhFlxU84GxvKtkhFeXR.8SYNiP4RGBU9RlDL9O1xn7i29Vzobf8NUhjRSkzT7TzIysM62gb.xbDxKOa5kC1uedWBj6Dcf1Zh4dFZ_qSUEd4.FuVIRI.Pv45LmbJCxd3jvnLAfqJ3YdkYQXf7Dd7XLWWdk02XzLx8Ya8b7Wo9Hn_vTOX2bPa6SgJNQ.rUNNQnMxicApUPOwG8v2YZlcGTDcqq.qq
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 97be4eb5890b19892c342960cf1eae20
a958a0886f52b1843d54dcababec832411125938
978c17e703c46999e886e95a2e7a39b6e9f7d449c0940f0a15aae54fb204f244
GET /h/Ozg3jdiOr95jaEpZt.tynFThe3ZKf2bWxtdKj1N7z5OejaMip86tFyCau2EAj7lPpo1rhBonU2IhWhqjLn2bKNhFlxU84GxvKtkhFeXR.8SYNiP4RGBU9RlDL9O1xn7i29Vzobf8NUhjRSkzT7TzIysM62gb.xbDxKOa5kC1uedWBj6Dcf1Zh4dFZ_qSUEd4.FuVIRI.Pv45LmbJCxd3jvnLAfqJ3YdkYQXf7Dd7XLWWdk02XzLx8Ya8b7Wo9Hn_vTOX2bPa6SgJNQ.rUNNQnMxicApUPOwG8v2YZlcGTDcqq.qq HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; trk_cpa_pixel=09de8060-926f-11ee-ba71-6959eefea15f
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 04 Dec 2023 06:33:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Content-Encoding: gzip
Vary: Accept-Encoding
luckyforbet.com/favicon.ico
33 B URL luckyforbet.com/favicon.ico
IP
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 1e6cd917ed71a1241e4bedc29264bd98
5b65037351caeb0e5a48d963d7ffa88d0271d546
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
GET /favicon.ico HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luckyforbet.com/h/Ozg3jdiOr95jaEpZt.tynFThe3ZKf2bWxtdKj1N7z5OejaMip86tFyCau2EAj7lPpo1rhBonU2IhWhqjLn2bKNhFlxU84GxvKtkhFeXR.8SYNiP4RGBU9RlDL9O1xn7i29Vzobf8NUhjRSkzT7TzIysM62gb.xbDxKOa5kC1uedWBj6Dcf1Zh4dFZ_qSUEd4.FuVIRI.Pv45LmbJCxd3jvnLAfqJ3YdkYQXf7Dd7XLWWdk02XzLx8Ya8b7Wo9Hn_vTOX2bPa6SgJNQ.rUNNQnMxicApUPOwG8v2YZlcGTDcqq.qq
Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; trk_cpa_pixel=09de8060-926f-11ee-ba71-6959eefea15f
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 04 Dec 2023 06:33:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Content-Encoding: gzip
Vary: Accept-Encoding
1xlite-686449.top/polyfills.js
0 B URL 1xlite-686449.top/polyfills.js
IP
ASN #202492 Silverhill Group Holding Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /polyfills.js HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/runtime-365bdaca.js
16 kB URL v3.traincdn.com/_nuxt/desktop/default/runtime-365bdaca.js
IP
File type ASCII text, with very long lines (49135), with no line terminators
Hash d33ed8cce6d3fec16214d66e3127df4c
4bf392492bef146fc2cb107e78bbff9c8e0bd396
3332799045261bdae3d42cf3d42f5bab0d858e2d9539b35c48f67f7514c8af58
GET /_nuxt/desktop/default/runtime-365bdaca.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 15559
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-3cc7"
expires: Mon, 04 Dec 2023 14:48:06 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56727
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/faf1b88f.css
6.7 kB URL v3.traincdn.com/_nuxt/desktop/default/css/faf1b88f.css
IP
File type ASCII text, with very long lines (50149), with no line terminators
Hash e9e96f0f4f34a9d2a629069d541b008c
a1e1fbed2d5c50aaaa79b28a2a809083e08cb182
2d9bd4b5e8e9d064732c6afe95c409660c09e6e673d6e1d2371ee73d7048201a
GET /_nuxt/desktop/default/css/faf1b88f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 6694
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1a26"
expires: Mon, 04 Dec 2023 11:07:20 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69987
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-71c643c9.js
200 OK 10 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-71c643c9.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, Unicode text, UTF-8 text, with very long lines (34520), with no line terminators
Hash 31803c5902687c23eac52b2969212d09
e280c139c79bfc098459071e2fcc42b3516d2848
95ae57eff4176c533682e20260de60dea7946a78cf8a0943dd394c0de22e0430
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-71c643c9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 10076
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-275c"
expires: Mon, 04 Dec 2023 09:50:21 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
refpamjeql.top/L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
303 See Other 178 kB URL User Request GET HTTP/2 refpamjeql.top/L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
IP
Certificate IssuerLet's Encrypt
Subjectrefpamjeql.top
Fingerprint72:B5:CB:19:2E:C8:C5:C8:A9:6B:0A:A3:61:A4:05:4F:19:10:7F:51
ValidityMon, 23 Oct 2023 05:18:43 GMT - Sun, 21 Jan 2024 05:18:42 GMT
Size 178 kB (178284 bytes)
Hash f5141861c160070da4ed8de05c5e5759
4c80862e79ac23a7cf7dd5868bfc848c04b75df1
22add4a81d9662adf4e3b6b890b55fcf88b01f9184c1e874fcc4a8b879d97264
GET /L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f HTTP/1.1
Host: refpamjeql.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://luckyforbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Mon, 04 Dec 2023 06:33:30 GMT
cache-control: private
location: https://1xlite-686449.top:443/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.005
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-601d97aa.js
200 OK 47 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-601d97aa.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (64253), with no line terminators
Hash 3d71088e02851141b705f98176b10c76
6e6421718c7591fa1d8dc01739fa796c2b298aae
8a0e97a0cfbcdf97c722944cb593372c65131b6207b0b738f3f33eac48693262
GET /_nuxt/desktop/default/Page.Betting.Main-601d97aa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 46841
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-b6f9"
expires: Mon, 04 Dec 2023 14:48:06 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56729
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-fff86e03.js
200 OK 8.9 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-fff86e03.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (30439), with no line terminators
Hash 84811b58c8c1cb5b2e52f2e42245adc7
04b80576a498ef6bd8b071fc962c881f3db04f2f
17795d6a092cecc7f95a7ed3e21d5aed23be08c2d7ee10c2d330bfe5b6d9f2f3
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-fff86e03.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 8862
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-229e"
expires: Mon, 04 Dec 2023 12:04:09 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66593
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2fc62149.css
200 OK 1.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/2fc62149.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (7649), with no line terminators
Hash 83bbcaa18914b98d714d6a8cc04c07a1
3c4c8e70af66cb2dec8dea84d3ecc6ec69eae24f
87b2457640c522d9711ae0b7059fdcbbd07141d9b2920e35d1c086e7abd13ad6
GET /_nuxt/desktop/default/css/2fc62149.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 1484
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5cc"
expires: Mon, 04 Dec 2023 13:30:54 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 61359
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d09c5b12.css
1.5 kB URL v3.traincdn.com/_nuxt/desktop/default/css/d09c5b12.css
IP
File type ASCII text, with very long lines (8368), with no line terminators
Hash a7d51976ccd67810c2d1b95d3c7f2ac5
05b2a01253f964b79038e3860099e06e8cccf8b1
93bf482899aadae6d33659e5e9fc3c6abc4a7be657c5d9f07428283b85f609a5
GET /_nuxt/desktop/default/css/d09c5b12.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 1459
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5b3"
expires: Mon, 04 Dec 2023 11:07:04 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69988
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-96d29260.js
200 OK 3.0 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-96d29260.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (10441), with no line terminators
Hash e322892d89d5f2b139cd34e527c0e93e
bb451fba768b14d28345791c011665475f929f9c
466bdfc8326de3d3899250b54125e8f84fa394aaea29cc26dad1682798d987b0
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-96d29260.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 2955
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-b8b"
expires: Mon, 04 Dec 2023 11:07:06 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69986
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-fe6c3eab.js
6.1 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-fe6c3eab.js
IP
File type ASCII text, with very long lines (22797), with no line terminators
Hash 9209c661bd14c4673952d5b8034ca1b9
43a7334f960bb6d24ed2ddbd115d406ae3a538be
6e28509a77e41b2ba7fbdf16753093a48fb7255c34788755eaa78e0aca9ad553
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-fe6c3eab.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 6119
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-17e7"
expires: Mon, 04 Dec 2023 09:50:13 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9e956d3b.js
200 OK 17 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9e956d3b.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65113), with no line terminators
Hash 4ae1426a2e76d20306813000c2030d74
2ecef0d4e982c074032fc80d95682fa7aa0182d7
d6d476b82a2aa5678b9bdfa0e35e26a3b95e6b329dcaa08ab684213b15d231cf
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9e956d3b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 16981
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-4255"
expires: Mon, 04 Dec 2023 12:03:40 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66593
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-bc34dc25.js
200 OK 3.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-bc34dc25.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (13856), with no line terminators
Hash cab129052575447198365ac3752c9b5f
7d1a0cf670490d301c320858f6fbafe492c72a9e
e0a785e685073d4548054465af3989b3d507a7bddb314527a2ef7c3ea8a19c64
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-bc34dc25.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 3513
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-db9"
expires: Mon, 04 Dec 2023 09:50:13 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/8edf10d9.css
2.6 kB URL v3.traincdn.com/_nuxt/desktop/default/css/8edf10d9.css
IP
File type ASCII text, with very long lines (19656), with no line terminators
Hash a2c2cf9380b3264c2bbdeab0f9a8710a
4a9ad30b15fc6e23594d1682be4ce6624ab223df
d2d7404d5f7ae0ab1809ae5008d12f7e86fffc178f98e679413e7e943bda2f03
GET /_nuxt/desktop/default/css/8edf10d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 2565
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-a05"
expires: Mon, 04 Dec 2023 11:45:42 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 67671
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-d053a86d.js
12 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-d053a86d.js
IP
File type Unicode text, UTF-8 text, with very long lines (47315), with no line terminators
Hash d153948691b66b6dca7a53dca66a6add
e5fd33d2e10f87e98f4f526b9a278020da87c00a
39d8f42f20e5154932cffe397e28bf3a8e9c3eb7769ea7bff84ad29dfeea8af4
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-d053a86d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 12328
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-3028"
expires: Mon, 04 Dec 2023 09:50:13 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74600
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/64a6de4e.css
200 OK 204 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/64a6de4e.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (502), with no line terminators
Hash 1f02b8463ec288496d7b1ccc18c2cd9b
90633342134fc525352e60666e7ecd91d09c5d88
5e7585ad750a636350d96c16842be6fe71d50815a9ef401c5caed5e8d3ca1258
GET /_nuxt/desktop/default/css/64a6de4e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 204
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-cc"
expires: Mon, 04 Dec 2023 10:49:22 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 71051
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-419b7e3d.js
200 OK 646 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-419b7e3d.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1334), with no line terminators
Hash e2551c972a9c4673fe8dec8bb800ec83
e8555b3bd26f27c5bd0d795634fd6c1fa6802972
934f7a24bd69438e67bd51cc42e05d66eb9b008734d56d1376959c3320e4db33
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-419b7e3d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 646
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-286"
expires: Mon, 04 Dec 2023 09:50:29 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/version.json
200 OK 44 B URL GET HTTP/2 v3.traincdn.com/version.json
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash adf2458bf5a2c82b71ee258c5e42a1d9
4c2abbb370ace264469c751c9435411b0daaaa5a
6765ec0b348ee45f07069a5325367e0d62b93c58943d7e061d7f2943091d3cdf
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "656b3a64-2c"
expires: Mon, 04 Dec 2023 06:34:14 GMT
last-modified: Sat, 02 Dec 2023 14:08:36 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 18
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c1ae3820.css
1.4 kB URL v3.traincdn.com/_nuxt/desktop/default/css/c1ae3820.css
IP
File type ASCII text, with very long lines (7592), with no line terminators
Hash 80d822002048c569e488a7c9b0a208fe
084ba85491a073b694df75ed75d19ab16fd8f064
2add226414afb8170d04a6a4a7e9b6c0e4a4306af6b2a6cd7a12fcf9896b2f6e
GET /_nuxt/desktop/default/css/c1ae3820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 1426
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-592"
expires: Mon, 04 Dec 2023 11:45:57 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 67669
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-01d09a57.js
200 OK 8.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-01d09a57.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (31890), with no line terminators
Hash a82c68c92729af072deaab724a3e5d6c
94dfdfe8ca8956c8522bd4c345a724095c3d970b
9c5bcc3aacac857ee4b9b4c32da67dbcc3205de92e619b3c2a251130c1cf3465
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-01d09a57.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 8651
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-21cb"
expires: Mon, 04 Dec 2023 09:50:18 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74595
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
200 OK 5.9 kB URL GET HTTP/2 v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (30819), with no line terminators
Hash 5c6473a1406859c4b91a718f3530e675
9ee86b0987816cc60b4c559c55465afad955c9a6
62ed647f10a67cccd6143a47ed8c3f91d7cffa97f39a909d2235833718c91f39
GET /genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 5927
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
etag: W/"5c6473a1406859c4b91a718f3530e675"
expires: Mon, 04 Dec 2023 07:13:22 GMT
last-modified: Fri, 01 Dec 2023 13:29:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
age: 1210
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
698 B URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash 7cca3986f7a5c4c164144ff11df71073
b22531fb1cb3ab6325986f299e0de1690a2a2724
2cb7283447d210aa27e07657e00beefe6731f9771a9445be4e44e96dfe88c232
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Mon, 04 Dec 2023 06:44:11 GMT
last-modified: Tue, 02 May 2023 10:06:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2980
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/12b6c10c.css
200 OK 77 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/12b6c10c.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash de02a5477e2ab0b04b14cc2af357611a
c45bd6c16b34cc670e0f9951e756d6245c601de1
27b491fb87795a845b5d4c3c9ac770b57c453252c771e09547afd24811dfbe74
GET /_nuxt/desktop/default/css/12b6c10c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 76571
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-12b1b"
expires: Mon, 04 Dec 2023 14:48:19 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56727
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-7cd5dc64.js
302 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-7cd5dc64.js
IP
File type Unicode text, UTF-8 text, with very long lines (61101)
Size 302 kB (302392 bytes)
Hash 69425299213a1e8b7047f49a29341556
8d97f08e411bf54d01a283b3716f98d69ff5cddd
682556a69657a671319b46ce801e3745780e9fe08e219a50f5681eca433e1b07
GET /_nuxt/desktop/default/vendors/app-7cd5dc64.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 302392
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-49d38"
expires: Mon, 04 Dec 2023 12:03:44 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66593
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-b8aa0dd4.js
200 OK 224 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-b8aa0dd4.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (64816), with no line terminators
Size 224 kB (223813 bytes)
Hash ce9ee05fc2860c4a22d4435a37b4bb76
5d2c058f0e08ea8c3973b150a63f4a71881797fe
0c2d9b4691f70636528c264d8670abb5b32b59ce8017fca7ab19c6e164c6d13b
GET /_nuxt/desktop/default/app-b8aa0dd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 223813
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-36a45"
expires: Mon, 04 Dec 2023 12:03:40 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66592
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b6e4789e.css
18 kB URL v3.traincdn.com/_nuxt/desktop/default/css/b6e4789e.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 764890b8b2c5ec25217755976c6d0bec
31b9314c5c0015ee110a750cae4191bd127abb03
c26f680284b62c1c50e1d755ebcd5bd897a2cca7bca36acc595ba6a5376e15fc
GET /_nuxt/desktop/default/css/b6e4789e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: text/css
content-length: 18251
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-474b"
expires: Mon, 04 Dec 2023 11:07:11 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69982
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/app-dddf181f.js
46 kB URL v3.traincdn.com/_nuxt/desktop/default/commons/app-dddf181f.js
IP
File type ASCII text, with very long lines (65476)
Hash 83f4517934432619aa14da0fee420ac5
5bd9c87a47de82cbf1ab13873462b5fa8657b141
7a2e68fc1888567c6b5039ac0aaeb0d9a5f0645ad054a71410adff1f86e0edcf
GET /_nuxt/desktop/default/commons/app-dddf181f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 46096
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-b410"
expires: Mon, 04 Dec 2023 09:50:16 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
64 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0\012- data
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: font/woff2
content-length: 63748
cache-control: max-age=86400
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Mon, 04 Dec 2023 06:59:34 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2039
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
200 OK 65 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 64732, version 1.0\012- data
Hash 3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: font/woff2
content-length: 64732
cache-control: max-age=86400
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
expires: Mon, 04 Dec 2023 06:45:37 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.003
age: 2876
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
200 OK 64 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0\012- data
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: font/woff2
content-length: 63920
cache-control: max-age=86400
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Mon, 04 Dec 2023 06:53:39 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2394
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
653 B URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
IP
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: image/png
content-length: 653
cache-control: public, max-age=86400
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Mon, 04 Dec 2023 07:14:42 GMT
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 1159
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/85fdbd9b.css
204 B URL v3.traincdn.com/_nuxt/desktop/default/css/85fdbd9b.css
IP
File type ASCII text, with very long lines (502), with no line terminators
Hash 220ac0e19dd32e88325ee563113b9c9c
ee2d0a5aa83d252886854910aabfbdef084c0215
0ae54ce6f5b046155afe5ef48231953dbd80506a21049681f0274acb6f2d399e
GET /_nuxt/desktop/default/css/85fdbd9b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: text/css
content-length: 204
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-cc"
expires: Mon, 04 Dec 2023 11:00:50 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 70365
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-7a9ad302.js
631 B URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-7a9ad302.js
IP
File type ASCII text, with very long lines (1236), with no line terminators
Hash 658e82d1856c5d298143beaaa6cf89d3
35aeafa76062e62c47d019d68a8d0b848ec83ea3
055a816ec2e3e3b57ee202f3ebdf5f355726443b23af725ac94121a99958e12f
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-7a9ad302.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 631
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-277"
expires: Mon, 04 Dec 2023 09:50:36 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74579
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-a80f1dbf.js
4.2 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-a80f1dbf.js
IP
File type ASCII text, with very long lines (14578), with no line terminators
Hash cf1aa82c0db3e872b7aca8dce56f0eb0
6b879fa05028f07bb30123f9c956efcac0531bbd
5f01f292e0c589c833ceddd0f08a2d8017c592869e97b97b7257c47c1e83373a
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-a80f1dbf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 4194
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1062"
expires: Mon, 04 Dec 2023 11:07:07 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69986
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/5d14afec.css
200 OK 1.3 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/5d14afec.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6774), with no line terminators
Hash e26ef5c86e087ea190eb009f70ea6df0
1f006f52ccd864c71d2bf342ea0dc4fe0634df7c
ee3b0ce7b6d7dd3e04e62c01d2dd1e2fe064aefacb5c059447bcfd7f20cad32f
GET /_nuxt/desktop/default/css/5d14afec.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: text/css
content-length: 1310
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-51e"
expires: Mon, 04 Dec 2023 11:07:22 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69985
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-830f8804.js
200 OK 10 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-830f8804.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (37956), with no line terminators
Hash c01bce241ab6ce7c9eb4fda7b4a7070c
6041e1454f7675f64d4f218e4732dea88bd56c40
6cf0167253cef691f9b4e407aa9892c57c383c2686b0267e6aa4b9f85b95fcd7
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-830f8804.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 10471
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-28e7"
expires: Mon, 04 Dec 2023 09:50:22 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74594
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2c5f174e.css
4.8 kB URL v3.traincdn.com/_nuxt/desktop/default/css/2c5f174e.css
IP
File type ASCII text, with very long lines (38647), with no line terminators
Hash 7a52c29487d08ca40ef52c1e47332c6e
c16d6511f47d04fc56c180a26c5d4ac259d62be5
08ae0531c7925ca3b239c9d28ccb5edb5488af3ce85541fcc4c855de83395adf
GET /_nuxt/desktop/default/css/2c5f174e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: text/css
content-length: 4788
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-12b4"
expires: Mon, 04 Dec 2023 11:07:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69983
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-84af1b39.js
200 OK 26 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-84af1b39.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (64214), with no line terminators
Hash 5762cee0956437742003802ee206058f
a552cb05afea79e054716948a536067ed226a8a5
2b9b569d187f0f4722d7713c5a091c48e81c46d1b1da3b5c3e0eea6b988d978f
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-84af1b39.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:33 GMT
content-type: application/javascript; charset=utf-8
content-length: 25981
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-657d"
expires: Mon, 04 Dec 2023 12:03:53 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66580
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-244d972f.js
22 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-244d972f.js
IP
File type ASCII text, with very long lines (65476)
Hash 8799d7f5e34dd86fb7d9e12184ae4daa
13b224bef4afb0953cb66a1f01fac1bbfc15b2ef
0d7c74bf26828339f684416d26e217748faa58321c8308a6ad9cea25776310c6
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-244d972f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 21903
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-558f"
expires: Mon, 04 Dec 2023 11:07:12 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69985
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-8979bdff.js
200 OK 4.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-8979bdff.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (12527), with no line terminators
Hash 0b92ca0bf2b11b83981cdc6dbfe1a057
a6492ca06e65a4c6f1bd6a82bc65a5cd3c6ad7af
f9f4509c4ae3021c5b843e8978579bb2499e9699ae5c18951599d1218daac4aa
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-8979bdff.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-11cc"
expires: Mon, 04 Dec 2023 11:07:15 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69985
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/e1ad5afb.css
200 OK 943 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/e1ad5afb.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (3303), with no line terminators
Hash cacc6d6ba45cf94ef4172d935ce1dc39
1ebd443b4446bb9d07e56deb39c88be4b67e0f16
dec9bcae0186bee94c16b3012dcc5379eb7ab98380875cedf2342baf66ba70e5
GET /_nuxt/desktop/default/css/e1ad5afb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: text/css
content-length: 943
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-3af"
expires: Mon, 04 Dec 2023 15:13:22 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 55212
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-ceac5fbd.js
8.1 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-ceac5fbd.js
IP
File type HTML document, ASCII text, with very long lines (26717), with no line terminators
Hash e3c83b48e8411bf8bf29ae5be04bf201
3aee622f3b0ee06b018aadd3f0b3628e12346a55
a04c6f09e099864c8aa6990cd1dd734e530d6b4e51ed22c0502257a54be4cfff
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-ceac5fbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 8056
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1f78"
expires: Mon, 04 Dec 2023 11:07:11 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69986
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-134761c4.js
200 OK 2.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-134761c4.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6960), with no line terminators
Hash 7c9152a4dcd07fd2cf537aff830a019b
684cc09b7751b9b93d1e0fee203d822aeae577ae
66951cf7194724b1ab1b7b1c756609cb11e7a27c3313e50274265ea39b28e8ce
GET /_nuxt/desktop/default/date-fns-locale-21-134761c4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 2128
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-850"
expires: Mon, 04 Dec 2023 11:07:11 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69984
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json
200 OK 668 B URL GET HTTP/2 1xlite-686449.top/genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , ASCII text
Hash b7b882bc87bd49ec0b19e15d62050091
7dd2f9242613b1d6453f8ea25f61f3c036c1c10a
ea3b4c0c004ddc47d397140cb405c5934682606f1e0faeecf9308bfa30cf924e
GET /genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/json
content-length: 668
last-modified: Tue, 23 May 2023 10:24:59 GMT
etag: "b7b882bc87bd49ec0b19e15d62050091"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/common.svg
200 OK 66 kB URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.212/285/common.svg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 90c7817a0f115a66c82d3de99fe2b9e0
c03233f6b060374d7fd84d3322cb6e914130f403
061e799e92ae86438a645f5c9b725ed698b929811a56b557838c1192a73100a6
GET /sys-icons/1.0.212/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: image/svg+xml
content-length: 65973
cache-control: max-age=86400
content-encoding: gzip
etag: W/"90c7817a0f115a66c82d3de99fe2b9e0"
expires: Mon, 04 Dec 2023 11:07:12 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 69982
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/country.svg
62 kB URL v3.traincdn.com/sys-icons/1.0.212/285/country.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 392c1bb51f69d1b06c15dd9083e78d47
4752ad2289bee900a23cc0afe3e7782eef087e0d
a5ce266ff578729cecad90142ca1ea186f168e0ca3ef2acaf6f46140f565aa2a
GET /sys-icons/1.0.212/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: image/svg+xml
content-length: 61771
cache-control: max-age=86400
content-encoding: gzip
etag: W/"392c1bb51f69d1b06c15dd9083e78d47"
expires: Mon, 04 Dec 2023 11:07:10 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 69984
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/sports.svg
200 OK 158 kB URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.212/285/sports.svg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size 158 kB (158176 bytes)
Hash 2bc6784b2bc8f53d0472c0a790cab177
3e76b506e50cba99c1bcb844d305b97b96451c9b
800cee086c8bc64dfab46092bcdc003e9a7822b44861e2753d86aa6b697516ae
GET /sys-icons/1.0.212/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: image/svg+xml
content-length: 158176
cache-control: max-age=86400
content-encoding: gzip
etag: W/"2bc6784b2bc8f53d0472c0a790cab177"
expires: Mon, 04 Dec 2023 11:07:09 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 69985
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-f74f9f14.js
200 OK 999 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-f74f9f14.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (2336), with no line terminators
Hash f3481bb8d9b43c2abcba75d2cd96f15d
50a080069ea257a707163cd193a1df0255a61f3b
c0ff83abaa47c68694de30ac04991467dfd982b933a178adde4f5e1d72c6371a
GET /_nuxt/desktop/default/DC-f74f9f14.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-3e7"
expires: Mon, 04 Dec 2023 11:07:11 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69984
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/version.json?timestamp=1701671619790
44 B URL 1xlite-686449.top/version.json?timestamp=1701671619790
IP
ASN #202492 Silverhill Group Holding Ltd
Hash adf2458bf5a2c82b71ee258c5e42a1d9
4c2abbb370ace264469c751c9435411b0daaaa5a
6765ec0b348ee45f07069a5325367e0d62b93c58943d7e061d7f2943091d3cdf
GET /version.json?timestamp=1701671619790 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/json
content-length: 44
last-modified: Sat, 02 Dec 2023 14:08:36 GMT
vary: Accept-Encoding
etag: "656b3a64-2c"
content-encoding: gzip
expires: Mon, 04 Dec 2023 06:34:34 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-686449.top%2Fen&projectId=285
200 OK 72 B URL GET HTTP/2 1xlite-686449.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-686449.top%2Fen&projectId=285
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 2cbc145b099d1dee719c026f951da9b9
3598152670a45ef1a7cd28ba18d3c4a5ea1aed4c
49a0bdc20fefd4d0ad24228a690129a88fcaedb423f59162dd917f63e1eb71bb
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-686449.top%2Fen&projectId=285 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/json
content-length: 72
cache-control: max-age=1200, must-revalidate, public
x-request-id: 9cd02e7ed2dd3a38696cadb2cc8e5d43
x-request-guid: ffaeb183df219b82b3f990812e20e13f
x-content-digest: ence9703551e00917684b735143455d1e7
age: 324
x-time-ng: 0.005, 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=12.239217758179, wf-uht;dur=0.016
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Betting.Core-fbfe5136.js
200 OK 1.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Core-fbfe5136.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (2326), with no line terminators
Hash f955a2c3a83ab3523e68bc50b7154cfb
c70f494ce0bc5dadebf85bb89596717b01cac571
230d565f2d5c935192dff7cc5ffc8cc0be65b3bafcda93029139b031b51868d0
GET /_nuxt/desktop/default/Betting.Core-fbfe5136.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 1500
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5dc"
expires: Mon, 04 Dec 2023 14:48:12 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56722
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-86d02589.js
1.5 kB URL v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-86d02589.js
IP
File type ASCII text, with very long lines (3622), with no line terminators
Hash b3252d0b685ec16f0c81e62b828d1cde
b874cf77a2597d232661ed2d3b3f8f138fe62c5e
87e3a6afb18d7353625821b2986abb217add0013560409f0ef0bb67fded89fce
GET /_nuxt/desktop/default/consultant.supHelperV2-86d02589.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 1450
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5aa"
expires: Mon, 04 Dec 2023 11:07:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69981
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/checker/redirect/stat/run/
14 B URL 1xlite-686449.top/checker/redirect/stat/run/
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 2de0d0acfd684235f066bd0ec0c9e3df
68d0cb64805a42d7e40f43e8e198986b43dd6b69
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1920; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.20-fdc42bbe.js
1.3 kB URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.20-fdc42bbe.js
IP
File type Unicode text, UTF-8 text, with very long lines (3072), with no line terminators
Hash 5475544b2d6f21c100c1fb0facf85e52
8e920535d30ba74d2a4ee0de017af173c595b51d
4bc1396d01b3e916517d25e03f74a6876a7c1addf3b5afe4017aef12bf4f4574
GET /_nuxt/desktop/default/ioc.dependencies.20-fdc42bbe.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/javascript; charset=utf-8
content-length: 1322
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-52a"
expires: Mon, 04 Dec 2023 11:08:15 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69919
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-d6a7eaa4.js
7.2 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-d6a7eaa4.js
IP
File type Unicode text, UTF-8 text, with very long lines (31359), with no line terminators
Hash 6326ffab6c05dac068b0fef44eca6d56
40b4752a7414fe32d52282b9c5f5ee572966e536
c6235f752afa4324ca22f8a7f5428d6558f56f911b5ca8d2c0bb48adf379f6b2
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-d6a7eaa4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 7171
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1c03"
expires: Mon, 04 Dec 2023 12:04:07 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66577
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/e5af0352.css
3.0 kB URL v3.traincdn.com/_nuxt/desktop/default/css/e5af0352.css
IP
File type ASCII text, with very long lines (22795), with no line terminators
Hash 7fc626ffd9d7a9db103b51e7639fe21d
c182ab6a5d5cf7011a0428d41d545345d65909fa
026ea31737b4e552294f13ca5d077e5d56a292923ffb2b3f500e35d412cb101c
GET /_nuxt/desktop/default/css/e5af0352.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 2992
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-bb0"
expires: Mon, 04 Dec 2023 13:18:40 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 62096
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-17bee997.js
29 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-17bee997.js
IP
File type Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Hash b7e8b01a6062d6545b97bc59a8c7b707
0c79e80e75a66d6c901928879f0a63153b274c39
c31d811b53ea16a2d84eb6096c7b65c0cb3b54f138cc3a752ea07ab6373732ea
GET /_nuxt/desktop/default/betting.SportMenuApp-17bee997.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 28652
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-6fec"
expires: Mon, 04 Dec 2023 12:05:31 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66484
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/62e57421.css
200 OK 1.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/62e57421.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (8645), with no line terminators
Hash 7eafb18464c23e0f6556cb55e89055d2
30f9a1f7316ac95bd2cfeb0c183f93e07baf5804
8da8938a2200b65e48830c41e047533d1a495171c6972e9e7c8ece613e6760b7
GET /_nuxt/desktop/default/css/62e57421.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 1577
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-629"
expires: Mon, 04 Dec 2023 13:48:44 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 60299
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-042cae8f.js
200 OK 7.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-042cae8f.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (22859), with no line terminators
Hash 8fc0429330ff180deb47722166e61b12
dbbd02bdc11864da07358401e8b6bf0482d09c21
0b3d8fee52346df395312d9fc6232aaf92ecc6cb134b953680f1d06258ee3134
GET /_nuxt/desktop/default/betting.HomeSliderComponent-042cae8f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 7129
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1bd9"
expires: Mon, 04 Dec 2023 11:07:12 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69986
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/477d96d0.css
1.3 kB URL v3.traincdn.com/_nuxt/desktop/default/css/477d96d0.css
IP
File type ASCII text, with very long lines (6194), with no line terminators
Hash 3f9e6993b145ca622f3ea850eacb7245
b0d5cc9ca0e7e512679b3b0a74761155d47334dd
084f6cab75890aeb803e5d1df6a7721eba618b86e99604ef412c8fee328bc472
GET /_nuxt/desktop/default/css/477d96d0.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 1270
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-4f6"
expires: Mon, 04 Dec 2023 08:23:22 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 79818
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-f15a4f83.js
15 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-f15a4f83.js
IP
File type Unicode text, UTF-8 text, with very long lines (59173), with no line terminators
Hash 857a92524b337295ea2d6373ad4d9bfe
f41857cc49b16a5ec4777993aa02af1192fc0813
3201f7538a1024783e33d24497a384f6177d82691b3d6086ddf6fb1672661f4c
GET /_nuxt/desktop/default/betting.CentralMenuApp-f15a4f83.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 15088
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-3af0"
expires: Mon, 04 Dec 2023 12:04:23 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66579
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/239b3a82.css
454 B URL v3.traincdn.com/_nuxt/desktop/default/css/239b3a82.css
IP
File type ASCII text, with very long lines (1429), with no line terminators
Hash b5c7b6dfc9433384f5f222d67a6f4270
85e5cfc0284129c4428d2f7de5731e568da070cf
83e6033ea9bffc7dee6c4414ea5febb81b7900a3a3ddef58530780861b754730
GET /_nuxt/desktop/default/css/239b3a82.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1c6"
expires: Mon, 04 Dec 2023 11:16:28 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69427
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-731b56af.js
18 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-731b56af.js
IP
File type Unicode text, UTF-8 text, with very long lines (43298), with NEL line terminators
Hash 325862560d40ab11dab4807730d237a7
2688d2b521c818aaaf3da4e6e624dfcf54cb3127
8513c1312dee1a22c352bfa72e49ad400295d33f474a1198d7e7a29dce7b7524
GET /_nuxt/desktop/default/vendors/betting.media-731b56af.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 17607
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-44c7"
expires: Mon, 04 Dec 2023 11:07:58 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69942
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/a16991b5.css
200 OK 1.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a16991b5.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6955), with no line terminators
Hash cffc42698826b6dba0709d55d070c665
c96adc4c6e5c8c8011e3307daa52941ae89bf7cb
dcdd23b29663b53d947e09243e785dc36f5d5a9478d5ce640081660fea7ffa29
GET /_nuxt/desktop/default/css/a16991b5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 1461
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5b5"
expires: Mon, 04 Dec 2023 13:31:39 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 61319
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.media-4d48c78c.js
200 OK 4.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.media-4d48c78c.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (16431), with no line terminators
Hash 5c7676abe23440458e89ee47e462715e
6b841ad562471e5ee106f030d2af9ad5f50b316f
0664376081158138d24df2546b8d0d72dd4f0b7f3d1a5294824b7f0b31ee8d8b
GET /_nuxt/desktop/default/betting.media-4d48c78c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 4654
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-122e"
expires: Mon, 04 Dec 2023 09:50:35 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74599
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137
195 B URL 1xlite-686449.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash ae3a2468d577421477f2e1e69a380ac1
3be47d8ebc656d8416f249c168f060a34a397390
6ca68316bb2152ceef1b72555db9165fbd430632a16a58ed9105bd69ebc1ae0b
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json; charset=utf-8
content-length: 195
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2
1xlite-686449.top/session-api/sessions/user
200 OK 16 B URL GET HTTP/2 1xlite-686449.top/session-api/sessions/user
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.0669231414795, wf-uht;dur=0.012
X-Firefox-Spdy: h2
1xlite-686449.top/bff-api/event-logo/suitable.json?lang=en
35 B URL 1xlite-686449.top/bff-api/event-logo/suitable.json?lang=en
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash aac324d41195f32bfe54e54d93278c5f
fef4c6f9c7fcc2a1affe2f33dba6a12592d92bcd
701fbb0767c5e6a29fd1b14383e92eb68a20fa5d120d4f0badf5b9a1bb276547
GET /bff-api/event-logo/suitable.json?lang=en HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json
content-length: 35
cache-control: no-cache, private
server-timing: bff;dur=1.39, dt_total;dur=8.904, wf-uht;dur=0.021
x-cache-expire: 289
x-cache-hit: 1
x-dt: 285
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
65 B URL 1xlite-686449.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash a62a3d291c25728a06f15b4ee47d5e43
7613e665c8dd639f4f8b821f8337cc4629e3d942
1e2d5a52c362e3ab706e11a3ee2454024423019bd4976d4874df7681c7468b3c
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json; charset=utf-8
content-length: 65
cache-control: no-cache
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/52a94554.css
200 OK 1.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/52a94554.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (4319), with no line terminators
Hash a8ca6ad918662919832dfadf40101246
305ccd8daad4f79301ef418766f1aa6786cde6bc
bb8d0ffe4dbc2c0f2615e5aa182699dc27c845701a9fa311366b52610261384a
GET /_nuxt/desktop/default/css/52a94554.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 1149
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-47d"
expires: Mon, 04 Dec 2023 13:31:41 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 61315
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-910fc809.js
200 OK 19 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-910fc809.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash b5ea1c6505d2fddfd7980f11cc84a0f5
11ae49d508d4a85c9684c021e594c7efdbe0b230
6acd6cd458bb0d8fd2ae7867212cec4f1026029f3d3ca630ee73358a82517afd
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-910fc809.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 19271
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-4b47"
expires: Mon, 04 Dec 2023 12:04:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66577
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/87ca12c6.css
551 B URL v3.traincdn.com/_nuxt/desktop/default/css/87ca12c6.css
IP
File type ASCII text, with very long lines (1864), with no line terminators
Hash 25e620c2a8c380d6a0ecece799921fdf
07e9e53816eac0b9ffeac96e469c855bc16b13ac
724b5597b1d57403e5e0415b41eeacaf8ca9ad93866b6a0c8ad2325552c4c0c8
GET /_nuxt/desktop/default/css/87ca12c6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 551
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-227"
expires: Mon, 04 Dec 2023 13:25:16 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 61700
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/RegistrationWidgetApp-a1176e58.js
200 OK 2.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/RegistrationWidgetApp-a1176e58.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (7705), with no line terminators
Hash db105bb8bbbcb61993e61232fef68035
85fc2325152c539c453fd836696ad46cd75379b3
5b3d98c4a4c4e07a202b76e2ca2ecd6298f14d74b7552993e17162b13f7aef45
GET /_nuxt/desktop/default/RegistrationWidgetApp-a1176e58.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 2673
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-a71"
expires: Mon, 04 Dec 2023 09:51:17 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74596
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-c5a084d8.js
24 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-c5a084d8.js
IP
File type Unicode text, UTF-8 text, with very long lines (65472)
Hash 2be2e37802ebcf98079c71830a2c4638
1af835622a997c085095aa2ec6c7b3446a417196
167065dcb8ccdcda2d411d49a20ce714687181d874176b3e5242d78c8001161b
GET /_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-c5a084d8.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 23578
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-5c1a"
expires: Mon, 04 Dec 2023 11:07:13 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69982
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2-3f41eece.js
9.8 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2-3f41eece.js
IP
File type Unicode text, UTF-8 text, with very long lines (36656), with no line terminators
Hash fdc4ad22e085488eddeaa86e8828e6b7
df1d39da250b7aa189f736cc6846e4e50c47e864
545c0fc8e544ff143d8862bac23f80d3bfb581ec1a1b5084527689394bf17be5
GET /_nuxt/desktop/default/vendors/betting.coupon2-3f41eece.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 9840
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-2670"
expires: Mon, 04 Dec 2023 12:04:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66578
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d5261c57.css
200 OK 2.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/d5261c57.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (29028), with no line terminators
Hash 5c51d3ab40120cb3fa0dfd82e8637327
b98822a194e1cd5290ead5c932ff4dfc77d26026
16f5b21b2355c80bf23ea50b75bee5d482c3d326e191ee892b22541c8fc5d654
GET /_nuxt/desktop/default/css/d5261c57.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 2650
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-a5a"
expires: Mon, 04 Dec 2023 10:37:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 71781
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-963eb4bd.js
6.3 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-963eb4bd.js
IP
File type ASCII text, with very long lines (21036), with no line terminators
Hash 3a333914574a246cc195c7d991a673b0
906d7a5e0d761a9a3c4174bfe28b082a72d8b722
bcc35cbf7f585e60ca080fdbd14e0dbea87ddb524b236f7c9805b74b2097864b
GET /_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-963eb4bd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 6299
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-189b"
expires: Mon, 04 Dec 2023 09:50:42 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74573
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
1.9 kB URL 1xlite-686449.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7061), with no line terminators
Hash 1dc2c72c9808bf20460aab68f4400e6e
ed79ad7a7b22a2d823dd7998a7965702e923f806
d59bb279cb0d8f694f8a13f2fe0aac76fdfb3e0295307545cc7500baba6a94ec
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json; charset=utf-8
content-length: 1871
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/4de0789b.css
200 OK 6.8 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/4de0789b.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (52171), with no line terminators
Hash 2b3e0691152ec3e493423fbc45b97032
8492bd33c250bdaf98000c2c9ae79c0f1f9ba637
abeffc84addaf0770ebe3b15879a45e36ff9420f9e5024280c5937407e46dd08
GET /_nuxt/desktop/default/css/4de0789b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: text/css
content-length: 6800
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-1a90"
expires: Mon, 04 Dec 2023 11:07:26 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69983
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-17181b01.js
39 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-17181b01.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 96e323761bc88ed405d7214d9830fe62
2d81badd20556b4ed68eb16133317581a0a559e0
c2fcbd3b0d1a13bbc0f85ed9d53a03a40c91c6eb79469e398ada54d2337534bd
GET /_nuxt/desktop/default/betting.coupon2-17181b01.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 39268
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-9964"
expires: Mon, 04 Dec 2023 12:04:18 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66572
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.30-1f469d86.js
1.2 kB URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.30-1f469d86.js
IP
File type Unicode text, UTF-8 text, with very long lines (2335), with no line terminators
Hash c941aad0db13c88313535108eb46d1f9
9db96e3d52733b221ff492c6725d71213394a3e1
7c1fbce8ea786720bf2a4946498c51547c9c8b8ec992ed8799e08c6f5851c822
GET /_nuxt/desktop/default/ioc.dependencies.30-1f469d86.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 1156
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-484"
expires: Mon, 04 Dec 2023 11:07:58 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69939
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-1982c615.js
200 OK 366 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-1982c615.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (417), with no line terminators
Hash fd4ba8c223963e833498de4cb3bf51d7
8f256e501d49483583846e3ad94e42973239d619
842cbb4c0ba2a0701de7fefb9ccb11ed85753a59db743689c5e15fd891dfdfb0
GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-1982c615.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=utf-8
content-length: 366
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-16e"
expires: Mon, 04 Dec 2023 11:07:15 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69984
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/fd10feecf1a86835848c4559506ce3c7.webp
200 OK 420 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/fd10feecf1a86835848c4559506ce3c7.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7af0dd5dfbd62cde2a968a5da6997206
da3dd64ef5c81aad3965ed3f6248804fa3badc55
b32c7972ce42b660320359a6d2d277d7efcd3ccf3503831b7b8c396a574868ce
GET /resized/size16/sfiles/logo_teams/fd10feecf1a86835848c4559506ce3c7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: image/png
content-length: 420
cache-control: max-age=94608000
expires: Thu, 03 Dec 2026 05:22:33 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="fd10feecf1a86835848c4559506ce3c7.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 375ad4abd347b40f829b21228d5b1e52
x-time-ng: 0.000
age: 8199278
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/27a5192072bca35183c95b955ae505e8.webp
949 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/27a5192072bca35183c95b955ae505e8.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f5c42a95e19c3cadb0508cf1c0bc769c
96ef30d73c7119857fefb6cb39c6e97bbd1e925a
78785f9b8ce6d9181dbf5668e6b5f66befb271fcdb37774ad1fc1e19e2c8b228
GET /resized/size16/sfiles/logo_teams/27a5192072bca35183c95b955ae505e8.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: image/png
content-length: 949
cache-control: max-age=94608000
expires: Sat, 19 Sep 2026 05:02:56 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="27a5192072bca35183c95b955ae505e8.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 06b9d4a85c0923b314b1a8bb7f8a2fd7
x-time-ng: 0.101
age: 8473365
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/30651.webp
732 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/30651.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 0ce543f02042ed61d7fd2205c02c95a2
378a2701dea54ca95df6b58fbdde79842ff1689f
f4d22a358a5d0eb7b8290093aaf1fb58dba4cace36472f2946cadf624560b8e6
GET /resized/size16/sfiles/logo_teams/30651.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 732
cache-control: max-age=94608000
expires: Wed, 02 Dec 2026 06:01:49 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="30651.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 8ea46b8d0b758fae140238bfa00707c2
x-time-ng: 0.000
age: 4487497
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/33627.webp
798 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/33627.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 2fec4edfbad580b332148ac534979798
4e8f108a907533f21a16db7cc3df883e258cb065
59f25d5b4d52614487ecffe291462af62e61fbbad66e62de28647134ec837308
GET /resized/size16/sfiles/logo_teams/33627.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 798
cache-control: max-age=94608000
expires: Wed, 18 Nov 2026 08:00:38 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="33627.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 7fef59b9f16bcc2b8ec000963b6421d7
x-time-ng: 0.051
age: 1290778
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/15f3a0e385ca4a358da520d00b3c1bf6.webp
3.4 kB URL v3.traincdn.com/sfiles/logo-champ/15f3a0e385ca4a358da520d00b3c1bf6.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 84f529c7776c17d15337b2c86a79fb68
b6c06fa8fece270e7759459a903a47edf796aeee
223578c34e15ac2662fd2a221cc13f177ea6e2effbcac7a9b346a8beda9903f8
GET /sfiles/logo-champ/15f3a0e385ca4a358da520d00b3c1bf6.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 3380
cache-control: public, max-age=86400
etag: "84f529c7776c17d15337b2c86a79fb68"
expires: Mon, 04 Dec 2023 08:39:33 GMT
last-modified: Wed, 15 Nov 2023 20:46:00 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 82089
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8bc5ccdb1d39dc35976720a09846b874.webp
774 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8bc5ccdb1d39dc35976720a09846b874.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 68853915947783ac67baba411562e84a
5d97a21a8917ade27da051d27337cd3bc24da450
39548da711a00cdbbab6abd41aacc50690f593606cdaf7564866a1bb0cfc0591
GET /resized/size16/sfiles/logo_teams/8bc5ccdb1d39dc35976720a09846b874.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 774
cache-control: max-age=94608000
expires: Thu, 03 Dec 2026 04:28:59 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8bc5ccdb1d39dc35976720a09846b874.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 369839a3d3242e160b8e85b416517b01
x-time-ng: 0.000
age: 7477
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/301009.webp
200 OK 802 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/301009.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c9422497b6e10105b611c1edda16548b
c4850bac7017cdf6402f8101ffddc48980ace59e
79c05b394a6700a49a820172f089ee6937ed2376cf1d01cd698e82b61f051a05
GET /resized/size16/sfiles/logo_teams/301009.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 802
cache-control: max-age=94608000
expires: Thu, 03 Dec 2026 04:29:03 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="301009.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: a95baffeeb5cdc78253ca6746ed7b8e0
x-time-ng: 0.000
age: 7477
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/443f55a6a7f92f1a85564edac4a9ee72.webp
591 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/443f55a6a7f92f1a85564edac4a9ee72.webp
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 16x16, components 3\012- data
Hash 7a333f9899e0c194ce7164867bb944f8
744b5f6dcea8ece6e8e1ea56815929264658de33
36049271de3449a22b1a2ed8241de58551b765e6ff911aeece3d6aff5adb9d6e
GET /resized/size16/sfiles/logo_teams/443f55a6a7f92f1a85564edac4a9ee72.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/jpeg
content-length: 591
cache-control: max-age=94608000
expires: Sun, 22 Nov 2026 14:17:17 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="443f55a6a7f92f1a85564edac4a9ee72.jpg"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 66d3dee8a47716e66b2d1df887c87083
x-time-ng: 0.055
age: 10157783
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/192851.webp
200 OK 490 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/192851.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 23fa8541405b91831ec0c099e83dc589
b9628bbc0c3fdc5fcd68ab77ce6430c5e823c890
b70bd6d9fb3ea742e1d2430da51d4df9903f1cde1b43f2567133c0dea5f4c990
GET /resized/size16/sfiles/logo_teams/192851.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 490
cache-control: max-age=94608000
expires: Thu, 22 Oct 2026 22:05:14 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="192851.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 41de888d5b5f21e9fb022212ef781eb8
x-time-ng: 0.057
age: 4105098
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/cf9f8d26fdf7f8a3abc657106786835e.webp
446 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/cf9f8d26fdf7f8a3abc657106786835e.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 83895bc6679e95791ca07245eee60a30
724ecefbd9c2321d747416a0941cfdf7c93b5c10
d20e1488342b4ee7ab7c05bbacd30b44b6fdbf2097cdc8fd94640799b918d907
GET /resized/size16/sfiles/logo_teams/cf9f8d26fdf7f8a3abc657106786835e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 446
cache-control: max-age=94608000
expires: Fri, 23 Oct 2026 10:53:23 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="cf9f8d26fdf7f8a3abc657106786835e.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 2f431fe97530eaef8c76f46bffdceaeb
x-time-ng: 0.000
age: 4831077
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/1154393.webp
562 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/1154393.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf67904a37309252b9000957d08275ec
9304a34ea9f2271bb81132355cda25427586d6d6
3f1486e015d8df54943debccad48d9664ad61327d75f47030a9c3f6f3fdf81fe
GET /resized/size16/sfiles/logo_teams/1154393.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 562
cache-control: max-age=94608000
expires: Thu, 29 Oct 2026 14:38:28 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="1154393.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: f6e79da8aa5e4f616f824a093cd38866
x-time-ng: 0.026
age: 2994908
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/49489.webp
200 OK 596 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/49489.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 16x16, components 3\012- data
Hash 268eb56888921958503ddf70c985879a
20634da1b387fe73d2c8c48ba2b5c14b57a6b813
4312c420f2ab0d717be4d253e3c15a4363c4074528afae710155b7436da22753
GET /resized/size16/sfiles/logo_teams/49489.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/jpeg
content-length: 596
cache-control: max-age=94608000
expires: Thu, 12 Nov 2026 06:34:11 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="49489.jpg"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 8a2e788348f58c50460657186a18bcf1
x-time-ng: 0.024
age: 8001271
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/742d40ce2bf75aa443b7f9750027b064.webp
600 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/742d40ce2bf75aa443b7f9750027b064.webp
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 16x16, components 3\012- data
Hash b174fb8efa8fd955644604566788ab55
215e15dc8d71eb96164db2008c62e7c1fa00ef97
b39a786873e5d9dd95ad99d7e5e34036b9a9a441f7521c771e1fc9c7c33ce81f
GET /resized/size16/sfiles/logo_teams/742d40ce2bf75aa443b7f9750027b064.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/jpeg
content-length: 600
cache-control: public, max-age=94608000
expires: Fri, 03 Jul 2026 11:38:28 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="742d40ce2bf75aa443b7f9750027b064.jpg"
content-security-policy: script-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 447720cbe3d5e3a77d4f1e181632a651
age: 17330743
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/c6fee592d90f93e951a51be94743d191.webp
200 OK 612 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/c6fee592d90f93e951a51be94743d191.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 16x16, components 3\012- data
Hash b388352688f805ed69fc37661821a32d
a184abf424ca337b9dc723621621358781d077f6
e095c65ce8adeb8ab0affc997f667b45f6ab8c6dd3fd909622f7b08c6e7983cb
GET /resized/size16/sfiles/logo_teams/c6fee592d90f93e951a51be94743d191.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/jpeg
content-length: 612
cache-control: public, max-age=94608000
expires: Fri, 20 Nov 2026 11:38:41 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="c6fee592d90f93e951a51be94743d191.jpg"
content-security-policy: script-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 6d0d85776c096d3b6291c2043716505d
age: 18275896
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/41b2409df33e724859635d1895c79d8d.webp
460 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/41b2409df33e724859635d1895c79d8d.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 98c78e24ef594a0e2d9819cd2c499e5c
d2393d3f9f3c251538d5b24bfd33a82e3efa6734
f31ef5260e93a67b06ec552c0efe0749a8029ffb9fb087ad27840f4972a24897
GET /resized/size16/sfiles/logo_teams/41b2409df33e724859635d1895c79d8d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 460
cache-control: max-age=94608000
expires: Thu, 08 Oct 2026 13:19:59 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="41b2409df33e724859635d1895c79d8d.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: c18debd63771a69543ee6afaadef2001
x-time-ng: 0.068
age: 4814017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/9377f2dbfbf6a5159c22398b14f9d4df.webp
200 OK 690 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/9377f2dbfbf6a5159c22398b14f9d4df.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7791e2731f8733a5dfdf8a644bf93603
a0f8d2193a92c19f49cc21165d12f030187e9973
7ca3b2360e704b64273123347f9b36e9a1c95c9da9f315ec55377c412693e42a
GET /resized/size16/sfiles/logo_teams/9377f2dbfbf6a5159c22398b14f9d4df.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 690
cache-control: max-age=94608000
expires: Sun, 01 Nov 2026 06:07:36 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="9377f2dbfbf6a5159c22398b14f9d4df.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 29be562ab5c4dcf51e40c5dbabba0642
x-time-ng: 0.000
age: 2766360
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/a13b1c4f1b89b596142ae4e32ac1a027.webp
646 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/a13b1c4f1b89b596142ae4e32ac1a027.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf796398b1a266683f1fe56177221642
ab3e6e484b4d5482ba0b5c2c78f7345086676361
71dd463dbeb37fd05c876a2c656e204f794600b84160b655e917d818c3cdf3dc
GET /resized/size16/sfiles/logo_teams/a13b1c4f1b89b596142ae4e32ac1a027.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 646
cache-control: max-age=94608000
expires: Sun, 29 Nov 2026 06:01:10 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="a13b1c4f1b89b596142ae4e32ac1a027.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: b4e82e6dae8b424b26d58ada9bdd9178
x-time-ng: 0.000
age: 2757656
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/4f2eef2015329ded6ea85f7f45280e69.webp
200 OK 3.6 kB URL GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/4f2eef2015329ded6ea85f7f45280e69.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 65351657520f477032d4f1cc52098142
e3d2cf2efea3ab4389cbda407a1b1f5a2d781ab7
57dd50f1280758f5ca2e626d8f0b2d74b253832d98033f35f04c4831c46a8e9b
GET /sfiles/logo-champ/4f2eef2015329ded6ea85f7f45280e69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 3606
cache-control: public, max-age=86400
etag: "65351657520f477032d4f1cc52098142"
expires: Tue, 05 Dec 2023 05:00:41 GMT
last-modified: Tue, 31 Jan 2023 03:34:13 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 5576
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/39829.webp
200 OK 806 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/39829.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash e06422d27aedabd260835b652ca4f003
5f3645e6711620420ff753f8d56324c156ba9f5c
2ed431427c0123b9bf1d6ce8217326527d9c1e026f69de0ea39d505b4f8aabe1
GET /resized/size16/sfiles/logo_teams/39829.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 806
cache-control: max-age=94608000
expires: Tue, 01 Dec 2026 23:58:09 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="39829.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: a205e191cf029ebd9ac25a86703058a7
x-time-ng: 0.000
age: 143260
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/153599.webp
200 OK 750 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/153599.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash a44eef24b1d038abfe7580505fba4257
0af9bb5e8604f631a0a23751e7d2eb274f2e1bb1
23ca392e0f156bc065613ecad82c989ca27e083397e006579e450364b43f91b9
GET /resized/size16/sfiles/logo_teams/153599.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 750
cache-control: max-age=94608000
expires: Tue, 01 Dec 2026 06:03:29 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="153599.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: e3b082dd9c122fa90d8f0ff99edad9ed
x-time-ng: 0.000
age: 2274716
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/39831.webp
200 OK 814 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/39831.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9d8d6384fa44593753b715a0b7322f79
dfb085e76d4741538e544738951c1cf099c3029b
8757767d93f9119f3275c6b80adf6f7b39e824433e82127bde72343622e4e5ec
GET /resized/size16/sfiles/logo_teams/39831.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 814
cache-control: max-age=94608000
expires: Wed, 02 Dec 2026 06:08:17 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="39831.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 71a2d242892252ac32e0bb3cf04783e7
x-time-ng: 0.000
age: 143260
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/201503.webp
782 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/201503.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 03d8681e7e2721924d7c7f15dfb4295f
5c7a53ea25bffbc66417eaf8dfc7a46308b70639
eb8cabfaaf0ac3e84ebd4b674e22d122694a4f1488a570866f491121c8faf0b5
GET /resized/size16/sfiles/logo_teams/201503.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 782
cache-control: max-age=94608000
expires: Tue, 01 Dec 2026 05:50:58 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="201503.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 5b142627fcf7a9646c239c9b7ee72f45
x-time-ng: 0.048
age: 238705
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
13 kB URL 1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (56546), with no line terminators
Hash 123fb4e5c762cdfcb99cace08a4c1e59
6ee801c62b2fb082bfb19b57bf62b1f7878eb67b
c7bc18a1f7556eb6e7916daec3662ef9d04f2cd1730998e10c9fd1519fe30e00
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/json; charset=utf-8
content-length: 12622
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.025
X-Firefox-Spdy: h2
widget.suphelper.top/injector.js
200 OK 77 kB URL GET HTTP/2 widget.suphelper.top/injector.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8dd43369da0c801afe6a17d33a8dba42
f3917a4c37bae8ee6373dc6cd254614165e598ac
20f36d26741482b059041bfbf00eb8b0040d258035841bc9ee9bd2e71b1cf6dc
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"32bb9-18bb2adf05b"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Mon, 04 Dec 2023 10:33:35 GMT
server: cloudflare
cf-ray: 830204cd6eb10b69-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/baa08578.css
200 OK 1.2 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/baa08578.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (5258), with no line terminators
Hash 6f7bb654a8ff7a45f3ed9c669ad978f5
7b5291e27871afb8fd7c6af697d13bcb0c3ae3d0
07342ea5f036e572ba62bb389916504de99f73c284cc3d7df8fce958527408e3
GET /_nuxt/desktop/default/css/baa08578.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: text/css
content-length: 1159
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-487"
expires: Mon, 04 Dec 2023 11:07:14 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69982
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-c36c8eef.js
200 OK 3.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-c36c8eef.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (10912), with no line terminators
Hash 4b1724131d0b0302fd5f53a36dc3c7b1
006d9ac6ca16258b0722b4c94f5e09e27238b8fe
030af0437c3c6cae1e808dcec03f8d397df02ddf92ae5b50f2255d6e463d08a1
GET /_nuxt/desktop/default/DownloadAppWidget-c36c8eef.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 3651
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-e43"
expires: Mon, 04 Dec 2023 09:50:29 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 74594
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/external-api/config/getVideoAccessConfig
3.0 kB URL 1xlite-686449.top/web-api/external-api/config/getVideoAccessConfig
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with very long lines (24122), with no line terminators
Hash cb0bc8eedc642fc591c0eef57e6c67e5
6c62aeececef0a5ff474bb21bf569ad8d48f6bd0
c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=18, dt_total;dur=22.226, wf-uht;dur=0.038
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c867ef02.css
682 B URL v3.traincdn.com/_nuxt/desktop/default/css/c867ef02.css
IP
File type ASCII text, with very long lines (4658), with no line terminators
Hash 5ab52a6e88252ff781d8052a6869418d
96ad749111751693f123d2128f881100906712c0
af0512f320255e6401c278f357609d9309d52e41cddc4727517abfb44564c78c
GET /_nuxt/desktop/default/css/c867ef02.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: text/css
content-length: 682
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-2aa"
expires: Mon, 04 Dec 2023 13:52:49 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 60065
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-39c6fa61.js
2.3 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-39c6fa61.js
IP
File type ASCII text, with very long lines (7751), with no line terminators
Hash 5cc5e3aad02572868bf6146c83a9750e
c642b583fc3669cb25e9594445125f081a055980
bd55999053a0ec1ea2dff2dec044d801d42250407c687da29a6287e802bf4835
GET /_nuxt/desktop/default/betting.SportsMenuCompact-39c6fa61.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2302
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-8fe"
expires: Mon, 04 Dec 2023 11:07:37 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69965
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
200 OK 2.8 kB URL GET HTTP/2 1xlite-686449.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10619), with no line terminators
Hash b6a1e600535c994046124eaca0dbe695
78e15ba56200660c4940b977e4ee7d32eb8be2aa
b9c357c3fe8ae6e4a592a92027e3af6e9b7fb88d5adeb7a002b7c064fd347825
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/json; charset=utf-8
content-length: 2753
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp
200 OK 6.9 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7304b532dca88cc708b1c81edf7e051
d9ca9db864badb40bcab6d846ba7110413a339d3
324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/octet-stream
content-length: 6884
cache-control: public, max-age=86400
etag: "b7304b532dca88cc708b1c81edf7e051"
expires: Mon, 04 Dec 2023 08:22:55 GMT
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
age: 79847
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp
200 OK 8.9 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a49dad906575c61dd636edbe1201479
d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d
0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/octet-stream
content-length: 8880
cache-control: public, max-age=86400
etag: "7a49dad906575c61dd636edbe1201479"
expires: Mon, 04 Dec 2023 10:36:37 GMT
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
age: 71819
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-460.webp
200 OK 20 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-460.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 07836fe2b4bb5ac3ed6a8a1a9f06ee8c
30d4e8192af56abd085d6cbf2b4c5d0828884581
b78d87908d21a0c9e813dcc221a0b5a091368f8d29944ad6b0accb9f445e04e6
GET /sfiles/games-images/game-previews/190x102/game-460.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/webp
content-length: 20520
cache-control: public, max-age=86400
etag: "07836fe2b4bb5ac3ed6a8a1a9f06ee8c"
expires: Mon, 04 Dec 2023 10:42:18 GMT
last-modified: Thu, 02 Nov 2023 10:01:23 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 71480
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp
6.2 kB URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64ff358fd3a82358542d29d53649dd85
0a15b0731a9468fe49e3b512febe91d951ef6156
a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/octet-stream
content-length: 6158
cache-control: public, max-age=86400
etag: "64ff358fd3a82358542d29d53649dd85"
expires: Mon, 04 Dec 2023 08:21:32 GMT
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
age: 79931
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp
200 OK 20 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2c02d34e261b48da9db2682ad433c5e8
e6b9618ac0040910f755a6f24dcb2f5500bb9aca
d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/octet-stream
content-length: 19770
cache-control: public, max-age=86400
etag: "2c02d34e261b48da9db2682ad433c5e8"
expires: Mon, 04 Dec 2023 10:37:35 GMT
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
age: 71767
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
200 OK 1.9 kB URL GET HTTP/2 1xlite-686449.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5476), with no line terminators
Hash 0c4ea53afc5da095c651eb0b3e4cce11
2db7f3fb43d8e5e9153e6f3d6d8126e7ac96b741
2391fa11ffedcd0b3da684907afbbb23b6fb35f8d0834a77f01e4d3c230c8019
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/json; charset=utf-8
content-length: 1870
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.064
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.077
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/7090b01f.css
200 OK 80 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/7090b01f.css
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 99f16f43c1db94e4e758dcfe16ec462b
8a82f7169b8b0cce028a2fab8ea2e2b4c9b33d90
5de20e76112564f64b1b01edc1b573c57db66690eda9845523e06fb71c38eb07
GET /_nuxt/desktop/default/css/7090b01f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: text/css
content-length: 80
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-50"
expires: Mon, 04 Dec 2023 13:18:51 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 62085
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-04ad09a9.js
200 OK 848 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-04ad09a9.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1530), with no line terminators
Hash 5f4668ba080750e69759c27e50faa016
32a6e5e68a4a32e9ec52dadd9bb9c90dac0b2a5e
a5d9e103083cf2223e02e68f7a5007a4c4aa5fa6b0cff62fa7f1a24c63df714b
GET /_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-04ad09a9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 848
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-350"
expires: Mon, 04 Dec 2023 11:08:12 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69929
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
694 B URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
IP
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1220), with no line terminators
Hash 3ae81b002dca46d3b732ce3e03ae35c6
388d37b5f714937677de74330a8daab0a0d1196b
1c76b93f07c6a861c4ad9529059ea99ae69f2451788da7cab1f17fa94d54382e
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: image/svg+xml
content-length: 694
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
expires: Mon, 04 Dec 2023 06:50:39 GMT
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2579
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/coloredSvg.svg
22 kB URL v3.traincdn.com/sys-icons/1.0.212/285/coloredSvg.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (62897), with no line terminators
Hash a8022e367298bde0f97fcfefd9ec08a8
9669a1d2ffbe30948741fc217ac1f278579a677f
75e00a9d09d88cfb14c4333a9b4b6abd3d8827c77a541b479ae87d2f9369d526
GET /sys-icons/1.0.212/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: image/svg+xml
content-length: 21678
cache-control: max-age=86400
content-encoding: gzip
etag: W/"a8022e367298bde0f97fcfefd9ec08a8"
expires: Mon, 04 Dec 2023 11:07:21 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 69981
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/logos.svg
15 kB URL v3.traincdn.com/sys-icons/1.0.212/285/logos.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (34054), with no line terminators
Hash fa9bb56d0333e51a2e20e890b1578077
4d13dd10fe635fcef3b4da010d46e7485211badc
25bafe20c85395893b739e4cec203afee2018ca4874baf2e4ebb21a668ed9a26
GET /sys-icons/1.0.212/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: image/svg+xml
content-length: 14765
cache-control: max-age=86400
content-encoding: gzip
etag: W/"fa9bb56d0333e51a2e20e890b1578077"
expires: Mon, 04 Dec 2023 11:07:14 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 69984
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/default/img/icons/pixels2.svg?v=1701671622
200 OK 4.6 kB URL GET HTTP/2 1xlite-686449.top/web-api/default/img/icons/pixels2.svg?v=1701671622
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 0f99d4ac85cbbca1f966804cc4d34c17
04864f84aa72cff1282bae20fea3ee7c471cbaf9
0c14d942339a8080d2bbadd534935fc882aa26a4b729e9ea500af9ad2dcf31ca
GET /web-api/default/img/icons/pixels2.svg?v=1701671622 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=41, dt_total;dur=49.678, wf-uht;dur=0.066
x-dt: 285
x-time-ng: 0.048
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100
54 kB URL 1xlite-686449.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (25207), with no line terminators
Hash ebe9f30664cfc7ebbdf143bb3cc542f7
f2f4194de9d0cfc74a185db4e72b8537753f8bfb
b37f811e5fe1d4200ce230defaf0fb670e51f45f4beae50c456e69fe70c5d820
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=94, dt_total;dur=95.086, wf-uht;dur=0.119
x-dt: 285
x-time-ng: 0.095
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/pages/index-df53b81c5c29ae7b.js
73 kB URL widget.suphelper.top/_next/static/chunks/pages/index-df53b81c5c29ae7b.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 2a7f2b4f892256c4c0b3463d583ac707
03a5522e1b824fd2fa2fa230e988feaccd3402c5
b1042754c02dfc37a03b6a5b699af8bba55ea8b64887264b62ba920b190d4e58
GET /_next/static/chunks/pages/index-df53b81c5c29ae7b.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"192b4-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1052863
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9dca80b69-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg
82 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg
IP
File type JPEG image data, progressive, precision 8, 1380x248, components 3\012- data
Hash ad5f0025317357d48209be53322c4854
c95715c6077d270ab0d901fa43184565216d6177
e7d3aa1ad1cf16bb24ada1e8ab541fbd94aa6196e7f98e50b244c70b0d9b2204
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 81954
cache-control: public, max-age=3600, s-maxage=3600
etag: "ad5f0025317357d48209be53322c4854"
expires: Mon, 04 Dec 2023 06:55:07 GMT
last-modified: Thu, 05 Oct 2023 10:29:43 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2313
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
200 OK 231 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 1380 x 248, 8-bit/color RGBA, non-interlaced\012- data
Size 231 kB (231413 bytes)
Hash 5f92240dea2753875e3104a6704f93e6
41d042b4876f18001842a761d05ad4a0575ca7f4
2d51f316311a3977d1dcee31a3332f720f72a842d8924ea4b8f014a23ca859b7
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/png
content-length: 231413
cache-control: max-age=86400
etag: "5f92240dea2753875e3104a6704f93e6"
expires: Mon, 04 Dec 2023 06:50:32 GMT
last-modified: Wed, 21 Jun 2023 09:54:48 GMT
server: nginx
access-control-allow-origin: *
server-timing: wf-uht;dur=0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2586
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
200 OK 118 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Size 118 kB (118446 bytes)
Hash 9cd4c456518a68605eb7097cf9acf4e0
18da850ee009b3614297b700c93869de38a93fa5
f3a2d6ba7aa1e669da89c03d5aac79195c2133a5bb1086c65cdfc39a1c3965e2
GET /genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 118446
cache-control: public, max-age=3600, s-maxage=3600
etag: "9cd4c456518a68605eb7097cf9acf4e0"
expires: Mon, 04 Dec 2023 07:21:19 GMT
last-modified: Tue, 22 Aug 2023 12:35:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 739
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg
147 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1380x248, components 3\012- data
Size 147 kB (147402 bytes)
Hash 9d1ab102184100544b4a72fcc6a8c458
79a64d17a182311cf4f856e39c83e3d9c5b1e55b
0fd0800599423b6bc4c2fe90c96f0025f4dd0d13d0c4b535e9421e21049a0903
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 147402
cache-control: public, max-age=3600, s-maxage=3600
etag: "9d1ab102184100544b4a72fcc6a8c458"
expires: Mon, 04 Dec 2023 07:33:29 GMT
last-modified: Tue, 11 Apr 2023 18:15:17 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 9
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
200 OK 231 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 1380 x 248, 8-bit/color RGBA, non-interlaced\012- data
Size 231 kB (231413 bytes)
Hash 5f92240dea2753875e3104a6704f93e6
41d042b4876f18001842a761d05ad4a0575ca7f4
2d51f316311a3977d1dcee31a3332f720f72a842d8924ea4b8f014a23ca859b7
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/png
content-length: 231413
cache-control: max-age=86400
etag: "5f92240dea2753875e3104a6704f93e6"
expires: Mon, 04 Dec 2023 06:50:32 GMT
last-modified: Wed, 21 Jun 2023 09:54:48 GMT
server: nginx
access-control-allow-origin: *
server-timing: wf-uht;dur=0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2586
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
200 OK 118 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Size 118 kB (118446 bytes)
Hash 9cd4c456518a68605eb7097cf9acf4e0
18da850ee009b3614297b700c93869de38a93fa5
f3a2d6ba7aa1e669da89c03d5aac79195c2133a5bb1086c65cdfc39a1c3965e2
GET /genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 118446
cache-control: public, max-age=3600, s-maxage=3600
etag: "9cd4c456518a68605eb7097cf9acf4e0"
expires: Mon, 04 Dec 2023 07:21:19 GMT
last-modified: Tue, 22 Aug 2023 12:35:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 739
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/sounds/new-message.mp3
30 kB URL widget.suphelper.top/sounds/new-message.mp3
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo\012- data
Hash ef9af24dc7dbd24ffd99c832e1300351
f78744a5013038446c468de14f205f2d52373fd6
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"7500-18bb2adf067"
cf-cache-status: HIT
age: 1096
expires: Mon, 04 Dec 2023 10:33:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 830204e2afe80b69-OSL
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/api/web/v1/config/actualDomain
200 OK 884 B URL GET HTTP/2 1xlite-686449.top/web-api/api/web/v1/config/actualDomain
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , ASCII text
Hash 17746aad3e3da8f558fb190504917d51
2fbe4686fc246e98f2d14325b0c33c7f6dcb2d05
8a99a49f083234ec3db5e1c9ac9ea3b7930e657d0ce86a62622a0a051d23ee66
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:34 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=26, dt_total;dur=43.316, wf-uht;dur=0.095
set-cookie: SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-dt: 285
x-time-ng: 0.028
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/api/v3/bonuses/first-deposit
200 OK 788 B URL GET HTTP/2 1xlite-686449.top/web-api/api/v3/bonuses/first-deposit
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 932484d8872226316695d920e6e87455
a8812ae0ab7da10914caf0c97cb4ba2f04112e16
1ceb6f2561e906e3f88a436dfc6f6946f498ff7913a5d43abfa64a52a1460cd3
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:35 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=41, dt_total;dur=44.892, wf-uht;dur=0.056
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.045
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.suphelper.top/
200 OK 115 kB IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (42794), with no line terminators
Size 115 kB (115201 bytes)
Hash 60235666ba8378421fb3275c0ba140b6
08f281018f76d14f90887ae3312bc5ba1949e526
645cdb6848b53340820b7a81ff3afea01be1f425858d2fe7bfcc111bf11d058b
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 830204d77bb00b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/registration/fields
7.6 kB URL 1xlite-686449.top/web-api/registration/fields
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with very long lines (31720), with no line terminators
Hash 71c67d29a6f0417317cc3bb732131368
af234254945862f8962bd6376e767bf1974279af
7beadb83d11ad8bf83a9f4fc7382dd066ed12718f873b8545b45db44f988660e
POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 19
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:39 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=122, dt_total;dur=149.813, wf-uht;dur=0.163
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.135
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/29d8e4f8/_ssgManifest.js
851 B URL widget.suphelper.top/_next/static/29d8e4f8/_ssgManifest.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 551fcd81fdcf1e4cac62b49428ee152a
241e060f1abc2fb68c74a4d61733345f93d6c7d7
2622e5e6cec3b1d0c60162cf4abc330b2360edc551d45296ca18fe55109ba879
GET /_next/static/29d8e4f8/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"4d-18bb2adf0eb"
vary: Accept-Encoding
cf-cache-status: HIT
age: 779248
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9dcab0b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/739a4b8284350dc0cd7c308e8157ef66.webp
832 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/739a4b8284350dc0cd7c308e8157ef66.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash df44f3879bfeea5d3b3f2aee2f7206f1
9759cf51902eba032dda87814aae6dbc175a0eed
d7222b1f194f41beb7dc295ff7b0bd8116fb861b86907a142b54948a03909411
GET /resized/size16/sfiles/logo_teams/739a4b8284350dc0cd7c308e8157ef66.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 832
cache-control: max-age=94608000
expires: Mon, 26 Oct 2026 05:32:16 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="739a4b8284350dc0cd7c308e8157ef66.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: ee1a5934bb2dbd3fba6acc862efc9af4
x-time-ng: 0.000
age: 3286887
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/04a886a74f1ccb61aff1f5dcff01942d.webp
834 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/04a886a74f1ccb61aff1f5dcff01942d.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 83259f91671859421caeb6bfe75621ff
c9252927e133e36c8ad63a4526a30a47db5f5def
db307dfd66ceff0c89bc5de64bdf5e368237dc7b228656f4aff4556389efd41a
GET /resized/size16/sfiles/logo_teams/04a886a74f1ccb61aff1f5dcff01942d.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 834
cache-control: max-age=94608000
expires: Mon, 26 Oct 2026 05:30:08 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="04a886a74f1ccb61aff1f5dcff01942d.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 7961e86d2d1c3f694b0b68d2784b04ce
x-time-ng: 0.000
age: 3287026
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8adb635d01db4ea4fe8bd0d9bcf6a13f.webp
592 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8adb635d01db4ea4fe8bd0d9bcf6a13f.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7ffe98805642755d01556aa1014fe45d
9a232f1318094c383025e8f00053fd91cb174847
fa537f269b5d54bd64e5f50fb100bd50184a27f4625af442dc5db24bf818eb74
GET /resized/size16/sfiles/logo_teams/8adb635d01db4ea4fe8bd0d9bcf6a13f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 592
cache-control: max-age=94608000
expires: Thu, 05 Nov 2026 10:49:19 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8adb635d01db4ea4fe8bd0d9bcf6a13f.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: ae8e0eca55d1fd4942e255cb9bb0d55f
x-time-ng: 0.000
age: 4326389
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/e82cf93eebb9022b7e80384e8bf1d2fe.webp
574 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/e82cf93eebb9022b7e80384e8bf1d2fe.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash d569f1c6bf6499c6d16c0a134112a0c2
c35d6983527854732ea2c00e8f7e1df247ffd20b
0410e261779075757ef4ab3977c693dcca4c5fd1f061647e69dce53c53aaa6fc
GET /resized/size16/sfiles/logo_teams/e82cf93eebb9022b7e80384e8bf1d2fe.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 574
cache-control: max-age=94608000
expires: Wed, 02 Dec 2026 17:35:18 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="e82cf93eebb9022b7e80384e8bf1d2fe.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 8ffdab0b5d4a31db1f7a63f28d5a1d66
x-time-ng: 0.000
age: 4311919
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp
200 OK 4.2 kB URL GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash eeb47ddeb14a734e9b82a4134e4d96c6
d38b5f569ad87151fc7e9f8cccfc964d5f82a7b2
c3754566035e0f00775deebc3733c782637bd40e78f55299ee9c3dfaac5af2d8
GET /sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 4224
cache-control: public, max-age=86400
etag: "eeb47ddeb14a734e9b82a4134e4d96c6"
expires: Mon, 04 Dec 2023 18:17:30 GMT
last-modified: Thu, 28 Sep 2023 05:23:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 44238
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/defaultlogo.webp
200 OK 570 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/defaultlogo.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f2714358e2708608b0cf934d1680a32f
2d1636d9815c993de7e1ef5f3fc5e7887189637a
2a6e00ca01eac6060d143e8e40e0cfb0b22d7a920c89ee12f4c6e51b67907cff
GET /resized/size16/sfiles/logo_teams/defaultlogo.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 570
cache-control: public, max-age=94608000
expires: Sat, 16 May 2026 08:32:42 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="defaultlogo.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 32af5545687a63b58b5948d698b0b401
age: 18290967
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/sub_e_sport_dota_2.webp
200 OK 3.4 kB URL GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/sub_e_sport_dota_2.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash a46689e442c017ae101b316767eca350
2a48883da6738204defdfb8f81f44f78b7bb0731
9d5e3beccf36f35346ea0fabe57602cb4beed97d6e770e7bf74fa67c963d05a4
GET /sfiles/logo-champ/sub_e_sport_dota_2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 3422
cache-control: public, max-age=86400
etag: "a46689e442c017ae101b316767eca350"
expires: Mon, 04 Dec 2023 16:20:24 GMT
last-modified: Tue, 03 Jan 2023 12:42:31 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-server-side-encryption: AES256
age: 51235
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/sub_e_sport_king_of_glory.webp
2.8 kB URL v3.traincdn.com/sfiles/logo-champ/sub_e_sport_king_of_glory.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8cea98a7853f449d72b594a5c7af53a8
16a8867f6c2b287a243fe428b14e199baa771a8b
b0975e31a77c1016f1bb2318ce77b94e4e9dd251d6d57538beba1d3153434550
GET /sfiles/logo-champ/sub_e_sport_king_of_glory.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 2804
cache-control: public, max-age=86400
etag: "8cea98a7853f449d72b594a5c7af53a8"
expires: Mon, 04 Dec 2023 10:55:04 GMT
last-modified: Tue, 03 Jan 2023 12:42:46 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-server-side-encryption: AES256
age: 70716
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/51a1852194465b30bb8ee15f3df6233b.webp
200 OK 865 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/51a1852194465b30bb8ee15f3df6233b.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f5774df706ace87d23c4ce7b0310f018
b48d38f97a49a24bc6b3cbb5223bbfc6b6c26f3b
fea5558585aec4ae4576c6f9482209a92982199163099adc1b1f20c429670413
GET /resized/size16/sfiles/logo_teams/51a1852194465b30bb8ee15f3df6233b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 865
cache-control: public, max-age=94608000
expires: Sat, 01 Aug 2026 07:55:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="51a1852194465b30bb8ee15f3df6233b.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 78cc71ed47a25a5be39b5abd4b771f04
age: 17865575
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/654a5d4e310bc8eb8e0050ccab41888c.webp
738 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/654a5d4e310bc8eb8e0050ccab41888c.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash fcabeb4a89efc1eeec5cf2e8015168fd
ada216b09952455dca45b27f219749644ad694fa
29f9b18b5cc325055a2ba64ff682c6a15d98bb4270ad6ca1170e8ed3a97f16b7
GET /resized/size16/sfiles/logo_teams/654a5d4e310bc8eb8e0050ccab41888c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 738
cache-control: max-age=94608000
expires: Wed, 02 Dec 2026 18:19:41 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="654a5d4e310bc8eb8e0050ccab41888c.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: ae733b77530097b67b9a301573b32bae
x-time-ng: 0.000
age: 2535814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/a0e04579a988c3d067ae7c1d69bb021e.webp
200 OK 678 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/a0e04579a988c3d067ae7c1d69bb021e.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c029478b1bd79552478a6dde4a2ddf47
4cd2b4561198789e5f0d0d8fc14e98f8403a1d7d
9706ef8a85e21e0d6e94bf754f541f1ad79dbb966e48bafbfdc2d1b667c86555
GET /resized/size16/sfiles/logo_teams/a0e04579a988c3d067ae7c1d69bb021e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 678
cache-control: max-age=94608000
expires: Mon, 30 Nov 2026 10:12:56 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="a0e04579a988c3d067ae7c1d69bb021e.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: affbc363787a6d4127e80caf9a898636
x-time-ng: 0.000
age: 246254
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/be6e0c88c9d3a79155443c82001c3801.webp
818 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/be6e0c88c9d3a79155443c82001c3801.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e9441a6cf7c9e11d13391e7803308a10
6db234bc6208f0abca0e33bbb298cd0d0f9ccc42
453188abf2e65b85298b5b18bd97f3744aded83690416b3874fea623a6953b61
GET /resized/size16/sfiles/logo_teams/be6e0c88c9d3a79155443c82001c3801.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 818
cache-control: max-age=94608000
expires: Tue, 01 Dec 2026 08:19:20 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="be6e0c88c9d3a79155443c82001c3801.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 37791c3c46e3a8507e5b240b52858bac
x-time-ng: 0.000
age: 166466
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/7bff932d2b4238d0e338c0520958c1a3.webp
200 OK 752 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/7bff932d2b4238d0e338c0520958c1a3.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ca2f57506cea1ade32ad872c4e25a964
d7a724a8181c5044a63ecda4d77eafe6cc88fe88
e0fc0958f3e752288a05093f3b0c79aa26fb23e71b35a26109cf50b683cc8249
GET /resized/size16/sfiles/logo_teams/7bff932d2b4238d0e338c0520958c1a3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 752
cache-control: max-age=94608000
expires: Thu, 13 Aug 2026 07:35:28 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="7bff932d2b4238d0e338c0520958c1a3.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 3b4a232e04f35cca7845c77212bfec20
x-time-ng: 0.000
age: 9673092
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6e46d1bd33ede30614852b3016efc89c.webp
200 OK 620 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6e46d1bd33ede30614852b3016efc89c.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9010eec6107f040f520badfd4baee19a
546139ca62116980e048177b5f7a54e15ad264e2
a6b0973cdb1b0bdc54e0fb4294ce784b530aa83822810d32d4a76b182ea70a25
GET /resized/size16/sfiles/logo_teams/6e46d1bd33ede30614852b3016efc89c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 620
cache-control: max-age=94608000
expires: Sat, 03 Oct 2026 06:24:51 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6e46d1bd33ede30614852b3016efc89c.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 55e7e29f7f6af88a6e3a9a513f0b7869
x-time-ng: 0.038
age: 6535405
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/a59e33dcc6541134f0ed75f4ea5cfadd.webp
642 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/a59e33dcc6541134f0ed75f4ea5cfadd.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9a3594bd84a13de9f7ffe3979f199a41
3b3c8690aa20491ba8aece77e662bef2be72c9a7
85000089263a1dea3030c119553090e9b0273d586fba3bf55a3edd0cbab8abae
GET /resized/size16/sfiles/logo_teams/a59e33dcc6541134f0ed75f4ea5cfadd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 642
cache-control: max-age=94608000
expires: Mon, 23 Nov 2026 10:30:31 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="a59e33dcc6541134f0ed75f4ea5cfadd.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 6640e4e3c7e83e2e7c6086ed74185ce6
x-time-ng: 0.000
age: 849805
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/43f122bcfd19e1586243429002063d83.webp
200 OK 899 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/43f122bcfd19e1586243429002063d83.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9afbfe237334e441e574b112484c22f6
d5c00d345c997680241a5901bba47796c6057ac0
430bc60fd5fdbf2960945f1bb9831476dc3c8074e344369f9d31117f19808226
GET /resized/size16/sfiles/logo_teams/43f122bcfd19e1586243429002063d83.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 899
cache-control: max-age=94608000
expires: Fri, 20 Nov 2026 12:54:52 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="43f122bcfd19e1586243429002063d83.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 09f2d3a742601160ad282e5183653f07
x-time-ng: 0.000
age: 7270703
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/6dec488c4ed168f6537c0eb70f189ca1.webp
200 OK 1.7 kB URL GET HTTP/2 v3.traincdn.com/sfiles/logo-champ/6dec488c4ed168f6537c0eb70f189ca1.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 4dc8d8b44dafd2a6cecee0ee84afdaa0
cd73b58444e4a8d8e86e52c251d5372e48c4b506
9f4f314aff2857723ccc331a8467a33e741ae54468ac611c1b70be7e08efd9c8
GET /sfiles/logo-champ/6dec488c4ed168f6537c0eb70f189ca1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 1688
cache-control: public, max-age=86400
etag: "4dc8d8b44dafd2a6cecee0ee84afdaa0"
expires: Tue, 05 Dec 2023 06:19:37 GMT
last-modified: Wed, 29 Nov 2023 06:18:01 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 843
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/69be61b07140c59924a2a232e42c270a.webp
693 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/69be61b07140c59924a2a232e42c270a.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 5308fd26e89b6213f5531a4c83fffeef
4f5cc7e02ed744248b2be67ae07acc6287f384df
edfdb434c6515ed39f8f5aa7aeabc73a780be6d73b13c53cf58cb1e2651494fe
GET /resized/size16/sfiles/logo_teams/69be61b07140c59924a2a232e42c270a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 693
cache-control: max-age=94608000
expires: Thu, 03 Sep 2026 06:15:49 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="69be61b07140c59924a2a232e42c270a.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 3966b3ea0f780b681f46e5e7f365980d
x-time-ng: 0.000
age: 10882734
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8175967de0c5d8504475305d77430148.webp
200 OK 718 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8175967de0c5d8504475305d77430148.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 9c44ca91397fefedb621444a266640ac
57dba4349237f8fcd4550b758bdbe7e0e163fcfc
a4e5405cc3b8a5c0856b2ca3d04e3e883ea3db4b3dc1c697a467d7d5c242bcd4
GET /resized/size16/sfiles/logo_teams/8175967de0c5d8504475305d77430148.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/webp
content-length: 718
cache-control: max-age=94608000
expires: Wed, 25 Nov 2026 22:39:20 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8175967de0c5d8504475305d77430148.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 346ec3859c8059b6afebda71a9ca5965
x-time-ng: 0.000
age: 633334
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/623-df7322d476582728.js
109 kB URL widget.suphelper.top/_next/static/chunks/623-df7322d476582728.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 109 kB (108700 bytes)
Hash 90e30369dbb0d01907d3809106b25b6b
4ab07012f85fe5d23b5293b5a123d26c60e14e04
5234dfdf9144bf857f8d92d2638abf70276e03194e2c4397299df410080fe78d
GET /_next/static/chunks/623-df7322d476582728.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"5af82-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 277009
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9cca70b69-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-a7ecf566.js
200 OK 8.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-a7ecf566.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (38670), with no line terminators
Hash 134425bb4563807c96bb72643fe7a256
bc87371e95397df23f9574daa76b8372ca5bcd18
8f2569f82107de65d76703638d709b858f5d5ab6420df5c8fb3461f2bf27f8f9
GET /_nuxt/desktop/default/vendors/Registration.Fields-a7ecf566.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: application/javascript; charset=utf-8
content-length: 8555
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-216b"
expires: Mon, 04 Dec 2023 12:04:02 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 66578
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js
51 kB URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 860531aec1ee1ca5a48fe2a56ccb373c
d5594dceb5962ebe96f3bc9249760b5929b71f57
d00849a958a16b33b3d582e84a9eb3899e7b6fa6d0ac5fb1c586e2213198d833
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 Nov 2023 12:45:49 GMT
etag: W/"22695-18b9011853a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1046206
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9bc9d0b69-OSL
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
200 OK 2.7 kB URL GET HTTP/2 1xlite-686449.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10607), with no line terminators
Hash 6724ec980b2408591db494f9d9df89bc
c34790ca7dd50b2cffa3d17dc6296a22b05c3525
1d7b9da8a606c0d2fd98f157bf4cc1b7c3f56d98609f49f8aae6b7d58fb5ebda
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:43 GMT
content-type: application/json; charset=utf-8
content-length: 2746
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/session
0 B URL 1xlite-686449.top/web-api/session
IP
ASN #202492 Silverhill Group Holding Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/session HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 04 Dec 2023 06:33:43 GMT
cache-control: no-cache, private
server-timing: p;dur=18, dt_total;dur=88.040, wf-uht;dur=0.099
x-dt: 285
x-time-ng: 0.056
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/api/converslon/load
37 kB URL 1xlite-686449.top/web-api/api/converslon/load
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with very long lines (39545), with no line terminators
Hash e18873fa9bdb12966a31bc60b0ddb919
8b4757e1bc6c8ae5fe5b79d057f64a5c26a21090
30d9549a501aff781354613f1d83b96fabdbc08e3fe62026e477f58da9e0b1dc
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=18, dt_total;dur=22.581, wf-uht;dur=0.035
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
64 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0\012- data
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:44 GMT
content-type: font/woff2
content-length: 63748
cache-control: max-age=86400
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Mon, 04 Dec 2023 06:59:34 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2050
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
200 OK 65 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 64732, version 1.0\012- data
Hash 3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:44 GMT
content-type: font/woff2
content-length: 64732
cache-control: max-age=86400
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
expires: Mon, 04 Dec 2023 06:45:37 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.003
age: 2887
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
200 OK 64 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0\012- data
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:44 GMT
content-type: font/woff2
content-length: 63920
cache-control: max-age=86400
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Mon, 04 Dec 2023 06:53:39 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2405
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
13 kB URL 1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (56359), with no line terminators
Hash bc994e1dd93b66a16ac3350fc41f6055
5f4898446ba3bb9cf9112974659d94a00e4475e8
2b7766e3fbfae38c2e724495f9ab995b5acab3042bb43395fbfd0a6903d1b4f8
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:45 GMT
content-type: application/json; charset=utf-8
content-length: 12563
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/analytics-25de2a7a.js
1.6 kB URL v3.traincdn.com/_nuxt/desktop/default/analytics-25de2a7a.js
IP
File type ASCII text, with very long lines (4196), with no line terminators
Hash d4684040b7e91159acee1d76eb9f5155
688f51b2e9a5f07a23d74b22c8583f862159a4c9
bdb552a4e3e0e0ccf04aad80a425044a20dcc9496de9c5954477007da7169afa
GET /_nuxt/desktop/default/analytics-25de2a7a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 1553
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-611"
expires: Mon, 04 Dec 2023 11:07:13 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69993
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
95 kB URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
File type Unicode text, UTF-8 text, with very long lines (10691)
Hash ea4be5d17d7c0567d7937004790929fb
5741feacae7985967826a1fc8cfe2851eb071c4e
60043f92f0642caccc04cc40897278903868ce136cc951045554da218bfad83f
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 06:33:47 GMT
expires: Mon, 04 Dec 2023 06:33:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94613
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
1.9 kB URL widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
Hash 1b5831be924cfad5a0e27964fddc13f5
b0e2e667ef8fbceea32cdc0f40a7e74f7e00324d
57a0908791bedf38f86c8dc90045662b0c44b0ec2c31ca121844e7be95253890
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1046206
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9bc9c0b69-OSL
X-Firefox-Spdy: h2
radar.cedexis.com/1/23802/radar.js
154 B URL radar.cedexis.com/1/23802/radar.js
IP
ASN #63911 NetActuate, Inc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Mon, 04 Dec 2023 06:33:47 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1621860284/stub.js
Expires: Mon, 04 Dec 2023 06:43:47 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
1xlite-686449.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
298 B URL 1xlite-686449.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators, ASCII text, with no line terminators
Hash 42a15e049f90b56b947ee38ec839b060
55083637ad9c06f6fd32b4ec13740f5450df2e1b
20147c363a2299e96b02c8efc5f00621f4d91a793132c97006fe6ea64166dc1e
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Content-Type: application/json
X-Lang: en
X-Uuid: cfcc1434-f162-445b-bb79-0a3a6f0ec7f8
Content-Length: 130
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:46 GMT
content-type: application/json
vary: Accept-Encoding
content-encoding: br
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=74966103.1701671633>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1427522697
42 B URL www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=74966103.1701671633>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1427522697
IP
File type GIF image data, version 89a, 1 x 1\012- data\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=74966103.1701671633>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1427522697 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 06:33:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1701671632423&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=74966103.1701671633&ul=en-us&sr=1280x1024&_s=1&sid=1701671632&sct=1&seg=0&dl=https%3A%2F%2F1xlite-686449.top%2Fen%3Ftag%3Dd_42282m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D_d27775_l16418_clickunder%26pb%3D4af4bf2b69b04f5484545de344ba50ee%26click_id%3D09de8060-926f-11ee-ba71-6959eefea15f&dr=https%3A%2F%2Fluckyforbet.com%2F&dt=Online%20sports%20betting%20at%201xBet.%20Norway%20%E1%90%89%201xlite-686449.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16994
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1701671632423&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=74966103.1701671633&ul=en-us&sr=1280x1024&_s=1&sid=1701671632&sct=1&seg=0&dl=https%3A%2F%2F1xlite-686449.top%2Fen%3Ftag%3Dd_42282m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D_d27775_l16418_clickunder%26pb%3D4af4bf2b69b04f5484545de344ba50ee%26click_id%3D09de8060-926f-11ee-ba71-6959eefea15f&dr=https%3A%2F%2Fluckyforbet.com%2F&dt=Online%20sports%20betting%20at%201xBet.%20Norway%20%E1%90%89%201xlite-686449.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16994
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1701671632423&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=74966103.1701671633&ul=en-us&sr=1280x1024&_s=1&sid=1701671632&sct=1&seg=0&dl=https%3A%2F%2F1xlite-686449.top%2Fen%3Ftag%3Dd_42282m_22583c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D_d27775_l16418_clickunder%26pb%3D4af4bf2b69b04f5484545de344ba50ee%26click_id%3D09de8060-926f-11ee-ba71-6959eefea15f&dr=https%3A%2F%2Fluckyforbet.com%2F&dt=Online%20sports%20betting%20at%201xBet.%20Norway%20%E1%90%89%201xlite-686449.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=16994 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-686449.top
date: Mon, 04 Dec 2023 06:33:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/0c294a17-47e02e0897fc1e03.js
4.4 kB URL widget.suphelper.top/_next/static/chunks/0c294a17-47e02e0897fc1e03.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 346893535606a1397c3943732ac94b92
1f8f15f954f031cb6d9a38af2b47a097c70d5cc8
293c7b933e7b043ea767e3586244134a80b387dd0a04e60d3f6b997acb304602
GET /_next/static/chunks/0c294a17-47e02e0897fc1e03.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"266f-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 598546
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9cca60b69-OSL
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
200 OK 1.9 kB URL GET HTTP/2 1xlite-686449.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5476), with no line terminators
Hash 55a7ea2d7ff2f084cb83494b2155a389
084273e4dc3bec4baedfbd286f27be48a7c30268
4baf174bd937e2c6d2f77d0be7a2b5b2154bea8d78bc6da7941e4a15e1cc4fa6
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202; _ga_7JGWL9SV66=GS1.1.1701671632.1.0.1701671632.60.0.0; _ga=GA1.1.74966103.1701671633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:48 GMT
content-type: application/json; charset=utf-8
content-length: 1869
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.034
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
1.9 kB URL 1xlite-686449.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6994), with no line terminators
Hash 595c9709afe637b2c6aab26872d094c2
c7747a21ae81568ddf65540c35b5aa674a1e67f9
3c9b46173f0df7b2adf1aa532b5aeddac65af2aa9b8b53dc9c201adaeb294d43
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202; _ga_7JGWL9SV66=GS1.1.1701671632.1.0.1701671632.60.0.0; _ga=GA1.1.74966103.1701671633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:49 GMT
content-type: application/json; charset=utf-8
content-length: 1878
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
13 kB URL 1xlite-686449.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (56359), with no line terminators
Hash bc994e1dd93b66a16ac3350fc41f6055
5f4898446ba3bb9cf9112974659d94a00e4475e8
2b7766e3fbfae38c2e724495f9ab995b5acab3042bb43395fbfd0a6903d1b4f8
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202; _ga_7JGWL9SV66=GS1.1.1701671632.1.0.1701671632.60.0.0; _ga=GA1.1.74966103.1701671633
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:50 GMT
content-type: application/json; charset=utf-8
content-length: 12563
cache-control: public,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/pages/_app-d9f24c795423bce0.js
200 OK 1.0 MB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/_app-d9f24c795423bce0.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 1.0 MB (1012902 bytes)
Hash 6dec513ced06378d03a655398dda32c6
2a255284779d9679a1354fcc5d1a02913de5ed4b
0caecdb3998ede2e1fb077e5f60b7d088ec9cfa7b4b83f157a110facd54a7d7b
GET /_next/static/chunks/pages/_app-d9f24c795423bce0.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"f74a6-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 960417
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9cca40b69-OSL
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/registration
200 OK 3.5 kB URL POST HTTP/2 1xlite-686449.top/web-api/registration
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type Unicode text, UTF-8 text, with very long lines (3770), with no line terminators
Hash 8a278b19b69082c8dce9ee469e984de0
fc0487bbd33760bd02f9ece8ba9fc17e8c2d4c30
e2cf1ee8233443c358d4b0fd4e02cb25646b5aa627c7e2d20c219c20ef1c1cc9
POST /web-api/registration HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=38, dt_total;dur=39.738, wf-uht;dur=0.055
x-dt: 285
x-time-ng: 0.039
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
200 OK 51 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1380x248, components 3\012- data
Hash 15b1bda7b31ccc5eacce67afbe6f160b
d41eac3583bb0495a008b0d1e4a584d103feb436
2e1b52936d0c7081d46010cd49e236aed8cefc16adad7c908c108aff4a73718d
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 51087
cache-control: public, max-age=86400
etag: "15b1bda7b31ccc5eacce67afbe6f160b"
expires: Mon, 04 Dec 2023 06:53:22 GMT
last-modified: Tue, 11 Apr 2023 18:15:30 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 3205
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/29d8e4f8/_middlewareManifest.js
200 OK 92 B URL GET HTTP/2 widget.suphelper.top/_next/static/29d8e4f8/_middlewareManifest.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with no line terminators
Hash 7c3f7e060745668041278118c0bb3d6d
e639f56695b3cc30d78dce7a0084aa8299a1311a
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/29d8e4f8/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"5c-18bb2adf0eb"
vary: Accept-Encoding
cf-cache-status: HIT
age: 877786
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204da1ccc0b69-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
200 OK 51 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1380x248, components 3\012- data
Hash 15b1bda7b31ccc5eacce67afbe6f160b
d41eac3583bb0495a008b0d1e4a584d103feb436
2e1b52936d0c7081d46010cd49e236aed8cefc16adad7c908c108aff4a73718d
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:38 GMT
content-type: image/jpeg
content-length: 51087
cache-control: public, max-age=86400
etag: "15b1bda7b31ccc5eacce67afbe6f160b"
expires: Mon, 04 Dec 2023 06:53:22 GMT
last-modified: Tue, 11 Apr 2023 18:15:30 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 3205
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-e690df88.js
200 OK 75 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-e690df88.js
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/desktop/default/vendors/conversion-e690df88.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 25770
cache-control: max-age=86400
content-encoding: gzip
etag: "656b393a-64aa"
expires: Mon, 04 Dec 2023 11:07:27 GMT
last-modified: Sat, 02 Dec 2023 14:03:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 69983
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/mobile
200 OK 766 B URL POST HTTP/2 1xlite-686449.top/web-api/mobile
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type troff or preprocessor input, ASCII text, with very long lines (798), with no line terminators
Hash a1fa7c5ce91a392914ba2e635fd908f1
f0b63466ab2589b10c1bd0edeb4da10d58d2e86f
b6e3f9eb42532d09d7df55a88e1f9990555f60b5261867e4218995e5a9607b09
POST /web-api/mobile HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=20, dt_total;dur=21.932, wf-uht;dur=0.309
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size14/sfiles/logo_teams/3cb92e6ebde795c08e4eae6b0a6962dc.webp
200 OK 686 B URL GET HTTP/2 v3.traincdn.com/resized/size14/sfiles/logo_teams/3cb92e6ebde795c08e4eae6b0a6962dc.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash e7ff22402366e761761cfa121e6c5383
7dbcb9bb16657eb738d03c8d60e27ff7121bc1c4
c8f7f215e7aa4d2b8c6f5068c1daa8d0c5f71c544a0932173db415841f2dd6c4
GET /resized/size14/sfiles/logo_teams/3cb92e6ebde795c08e4eae6b0a6962dc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:39 GMT
content-type: image/webp
content-length: 686
cache-control: max-age=94608000
expires: Thu, 03 Dec 2026 06:04:52 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="3cb92e6ebde795c08e4eae6b0a6962dc.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: b632d1554e840b2da005b9456477f844
x-time-ng: 0.000
age: 390644
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/genfiles/cms/1/mobile/shortcuts/icon-512x512.png
200 OK 5.2 kB URL GET HTTP/2 1xlite-686449.top/genfiles/cms/1/mobile/shortcuts/icon-512x512.png
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type PNG image data, 514 x 514, 8-bit colormap, non-interlaced\012- data
Hash b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1/mobile/shortcuts/icon-512x512.png HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
content-length: 5202
last-modified: Thu, 16 Nov 2023 13:34:54 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size14/sfiles/logo_teams/0331236555a5093d6a7e980782aa8108.webp
200 OK 752 B URL GET HTTP/2 v3.traincdn.com/resized/size14/sfiles/logo_teams/0331236555a5093d6a7e980782aa8108.webp
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash dacf77ef463f7ec2969cd8c7e02c56ec
ddd529a6f6fc89dd028efb883b08789aeab81b9a
36a156fe5c92555a7e54888de99c3daefca5f16cecfde645fc131a03a9907352
GET /resized/size14/sfiles/logo_teams/0331236555a5093d6a7e980782aa8108.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:39 GMT
content-type: image/webp
content-length: 752
cache-control: max-age=94608000
expires: Mon, 30 Nov 2026 20:44:57 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="0331236555a5093d6a7e980782aa8108.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: a73297b8127952c99fbb29352cf520a8
x-time-ng: 0.041
age: 1611280
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
200 OK 108 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 108 kB (107844 bytes)
Hash 83680ce862de40c43fc92e04b1ad0a3d
67eb6762545f4e1fee446794f4738d0f0577b6b4
e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 955084
expires: Tue, 03 Dec 2024 06:33:37 GMT
server: cloudflare
cf-ray: 830204d9bc9e0b69-OSL
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/api/v3/bonuses/welcome-bonuses
200 OK 618 B URL GET HTTP/2 1xlite-686449.top/web-api/api/v3/bonuses/welcome-bonuses
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type troff or preprocessor input, ASCII text, with very long lines (706), with no line terminators
Hash 0a619cd349d56137a06e0c799875a630
766df2e8f6a93eb6f8b86b47d9d71b1bc7434b34
10200dd044f2e0c48cfcfe7c8672959cfcc4bad7ffd29d6bcc6a5dad0ca7dd32
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:36 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=18, dt_total;dur=23.168, wf-uht;dur=0.036
x-dt: 285
x-time-ng: 0.021
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json
200 OK 22 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json
IP
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-686449.top/
Origin: https://1xlite-686449.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Mon, 04 Dec 2023 06:33:37 GMT
content-type: application/json
content-length: 4523
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
etag: W/"3389eced15fc91955a06c6decaaa6816"
expires: Mon, 04 Dec 2023 07:29:16 GMT
last-modified: Sat, 02 Dec 2023 12:40:49 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.001
age: 261
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-686449.top/web-api/default/img/icons/pixels2.svg?v=1701671625
200 OK 90 B URL GET HTTP/2 1xlite-686449.top/web-api/default/img/icons/pixels2.svg?v=1701671625
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-686449.top/en?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Certificate IssuerLet's Encrypt
Subject1xlite-686449.top
Fingerprint75:DA:65:69:CE:95:F9:15:03:18:4B:E8:9D:47:7F:64:AA:E6:0A:09
ValidityThu, 02 Nov 2023 05:19:20 GMT - Wed, 31 Jan 2024 05:19:19 GMT
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash e45f90dcbe718dea3476c4b69b501a4e
e9af26a93c467a77e4733ec537f4f5ce7a4ba089
a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
GET /web-api/default/img/icons/pixels2.svg?v=1701671625 HTTP/1.1
Host: 1xlite-686449.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-686449.top/en?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=09de8060-926f-11ee-ba71-6959eefea15f
Cookie: platform_type=desktop; lng=en; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%2209de8060-926f-11ee-ba71-6959eefea15f%22%7D; auid=sv0YU2VtcruDvlLUA1IHAg==; SESSION=3d2b1bd33504c6d9a3d8c67bf27ad8ce; window_width=1280; che_g=beefabaa-277b-2baa-6ac9-d0d5f1d96f4c; _glhf=1701689391; sh.session.id=a4a5583a-b689-4f4c-823d-7b45aad5efb9; ggru=202
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 04 Dec 2023 06:33:40 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=16, dt_total;dur=17.132, wf-uht;dur=0.031
x-dt: 285
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
85.17.29.170
178.253.24.83
104.18.39.72
216.239.32.36
0.0.0.0