1x-xredbet002400.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
178.253.47.23301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet002400.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
IP 178.253.47.23:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a HTTP/1.1
Host: 1x-xredbet002400.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 26 Jan 2023 22:03:01 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet002400.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19934
Expires: Fri, 27 Jan 2023 03:35:15 GMT
Date: Thu, 26 Jan 2023 22:03:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10415
Expires: Fri, 27 Jan 2023 00:56:36 GMT
Date: Thu, 26 Jan 2023 22:03:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12521
Expires: Fri, 27 Jan 2023 01:31:42 GMT
Date: Thu, 26 Jan 2023 22:03:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 21:35:16 GMT
content-type: application/json
age: 1665
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: X16nAmNSsFZvIQctvBnetoGRixjuDUO00JKLk6lz1nJVaqm+uqd0HSjBd/0ewtcpED/TZdI//6c=
x-amz-request-id: NSJZVN9YY0B8CJ9S
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 21:49:09 GMT
age: 832
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:01 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a5d7b275f18c3485060462213a3a1424
72c3e88d3efb5f8efb8572596ab22450b9f60431
5bd6cf4b94f5d93d686ff8de14861a3dc2d0a2507b905ab6804b7f7e48fbb1bb
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5BD6CF4B94F5D93D686FF8DE14861A3DC2D0A2507B905AB6804B7F7E48FBB1BB"
Last-Modified: Thu, 26 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11249
Expires: Fri, 27 Jan 2023 01:10:30 GMT
Date: Thu, 26 Jan 2023 22:03:01 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 21:41:40 GMT
age: 1281
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18938
Expires: Fri, 27 Jan 2023 03:18:40 GMT
Date: Thu, 26 Jan 2023 22:03:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 15a3b3dc21b816b594b592346b831baf
e9bb4326c20e53d30c936147ab802b82d0699dcb
323c1a7d3ce85540163d28922cefb2512db1c81b572de430daf13ecf887d4774
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "323C1A7D3CE85540163D28922CEFB2512DB1C81B572DE430DAF13ECF887D4774"
Last-Modified: Thu, 26 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9247
Expires: Fri, 27 Jan 2023 00:37:09 GMT
Date: Thu, 26 Jan 2023 22:03:02 GMT
Connection: keep-alive
push.services.mozilla.com/
52.35.143.109101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.143.109:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rvxz2zuIE/L1Aspj20P7DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8SEw8IEvMqhgY/TgqgkmZLxCLNw=
1xlite-615175.top/genfiles/cms/pg/285/css/value/1be89d6b98cd71a7ba406826eb87f6c7.css
178.253.15.10200 OK 6.3 kB URL HTTP/2 1xlite-615175.top/genfiles/cms/pg/285/css/value/1be89d6b98cd71a7ba406826eb87f6c7.css
IP 178.253.15.10:0
File type ASCII text, with very long lines (34410), with no line terminators
Hash e01441ee6f41041ff028cacd4a391ded
4626b275b8624c8d3529191ff907e85ff4e54291
262b2c5f47f770b70758c73d2f6d0a5f8c1faa9a8c6e0a46f86c4ff27779c10e
GET /genfiles/cms/pg/285/css/value/1be89d6b98cd71a7ba406826eb87f6c7.css HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 08:39:48 GMT
x-rgw-object-type: Normal
etag: W/"efec70b87f5cef37b08255376581daea"
content-encoding: br
expires: Thu, 26 Jan 2023 23:03:03 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 11f42b8816a5fc451bdebbc3ac3fa9af
1eeeb5c9731757c9fc41e5a21f6acb13217b9993
38bfa929457e7c3e97d1f3f667251347d399d4beb7e5260968934a5d3251abd5
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 26 Jan 2023 22:03:03 GMT
date: Thu, 26 Jan 2023 22:03:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 99ac9c3cc4db78c43f62ab2f9acf54b5
a84170e0a3fc4ecccdfe30656b2e54cd190a091c
a2cfde65bc4200228c8fd575807531fd5f8a0997015d9ff9382cf9fdc3aaca7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:03:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 03:03:03 GMT
Expires: Thu, 02 Feb 2023 03:03:02 GMT
Etag: "a84170e0a3fc4ecccdfe30656b2e54cd190a091c"
Cache-Control: max-age=535798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc89515cd3b509-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 99ac9c3cc4db78c43f62ab2f9acf54b5
a84170e0a3fc4ecccdfe30656b2e54cd190a091c
a2cfde65bc4200228c8fd575807531fd5f8a0997015d9ff9382cf9fdc3aaca7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:03:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 03:03:03 GMT
Expires: Thu, 02 Feb 2023 03:03:02 GMT
Etag: "a84170e0a3fc4ecccdfe30656b2e54cd190a091c"
Cache-Control: max-age=535798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc89515ee20b39-OSL
v3.traincdn.com/_nuxt/desktop/default/commons/app-b5a011d3.modern.js
8.254.252.213200 OK 86 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-b5a011d3.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65476)
Hash 1c71b602675d672df28ad37adcde5a1b
245844b5b6273f8354bd65d691e757848ce1e04e
73202f79f236a5a8afb78a395b48a66ebc059285de6e986ebec5666ef15c4bb3
GET /_nuxt/desktop/default/commons/app-b5a011d3.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 86141
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-1507d"
expires: Fri, 27 Jan 2023 08:44:04 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47957
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Registration-fe2b480a.modern.js
8.254.252.213200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Registration-fe2b480a.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (3016), with no line terminators
Hash 1dc8443c9f77be4f3cee5177cece3fe7
e5f11639e6b94c48592114d9769b0ff6b1a2f941
504e846a75ab386fdba28aa17cc3f40a6be3031ee0fa5e78b5b64ef0b5917740
GET /_nuxt/desktop/default/Page.Registration-fe2b480a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1155
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-483"
expires: Fri, 27 Jan 2023 08:44:10 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47933
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css
8.254.252.213200 OK 2.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (15795), with no line terminators
Hash 4903ac8e8dc6a97e695f35a12b1fded1
838e15675244952d39e39447fe2b8f19b699a9bf
80f5a4f5b33cf232094842c11e6a3727beca1c45dd63d6d9d37ea65f1f9f2f65
GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 2190
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-88e"
expires: Fri, 27 Jan 2023 08:44:26 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47957
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-3ab78631.modern.js
8.254.252.213200 OK 74 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-3ab78631.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4d42d9dcc02c2a80c8775ce21a85a7eb
2e27a57b6507f600749eb672f576a6ed6fbf8630
af15af4534f1286b3ffff49bd2a5f58e18d29ae3f9c79a9c4d69340204f99f0c
GET /_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-3ab78631.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 73993
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-12109"
expires: Fri, 27 Jan 2023 08:44:44 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47947
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.213200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.213:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Fri, 27 Jan 2023 03:09:05 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 68039
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-1fc3d163.modern.js
8.254.252.213200 OK 2.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-1fc3d163.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (8713), with no line terminators
Hash 63adde5eb5604e57bac0ee72ff80ef4d
906f7ee7ced028371e2df8c41b6127e72ebde5de
fba79bd2a38db39b3f8992bb12f6d0c3461c194e71965bff37f6514b1ef39a72
GET /_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-1fc3d163.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 2525
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-9dd"
expires: Fri, 27 Jan 2023 08:44:04 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47959
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css
8.254.252.213200 OK 632 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 30ddc45c0a82175a7104ebff080e0d37
60f67df6cea1a428eb7de52880777d1d145bc97b
eb0cf5cec9e9b4427f09d5e66eb0b286c4be120626d469ad5ff931483c29e2b2
GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 632
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-278"
expires: Fri, 27 Jan 2023 15:38:38 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23065
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-f4200ce4.modern.js
8.254.252.213200 OK 187 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-f4200ce4.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 187 kB (186979 bytes)
Hash 7ca50f4901e8bd7c9557a5f1c80fbec0
92f484c49ed59b1f2cc3b7b577e7f56e57de3c6f
a440188785e60d692889509b51c687c0df97faa9be54fe20aeffbb006f645892
GET /_nuxt/desktop/default/app-f4200ce4.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 186979
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-2da63"
expires: Fri, 27 Jan 2023 08:44:06 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47958
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css
8.254.252.213200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash da04be410ea27922926bff63a07d6dd3
808a9d8c5f86a21c5cd89ffaee951ab25c2a0507
31ebbfcb8bda6274f09c55c7f33ca1394e936ee5022b8378bb745c23b8dfc8fe
GET /_nuxt/desktop/default/css/a895c423.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 13325
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-340d"
expires: Fri, 27 Jan 2023 08:44:04 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47958
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-481b2231.modern.js
8.254.252.213200 OK 218 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-481b2231.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65396)
Size 218 kB (218087 bytes)
Hash dba60feb99ac1c5c6c3dae961582b486
07aa043409f5840cde88bd56707e6ff4bfa2ca4e
6755192b57a49f7f75d3565909b78afd4833912d6651f7d077f20e8febe3f1ba
GET /_nuxt/desktop/default/vendors/app-481b2231.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 218087
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-353e7"
expires: Fri, 27 Jan 2023 08:44:04 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47957
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 99ac9c3cc4db78c43f62ab2f9acf54b5
a84170e0a3fc4ecccdfe30656b2e54cd190a091c
a2cfde65bc4200228c8fd575807531fd5f8a0997015d9ff9382cf9fdc3aaca7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:03:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 03:03:03 GMT
Expires: Thu, 02 Feb 2023 03:03:02 GMT
Etag: "a84170e0a3fc4ecccdfe30656b2e54cd190a091c"
Cache-Control: max-age=535798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc895159dab521-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 99ac9c3cc4db78c43f62ab2f9acf54b5
a84170e0a3fc4ecccdfe30656b2e54cd190a091c
a2cfde65bc4200228c8fd575807531fd5f8a0997015d9ff9382cf9fdc3aaca7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:03:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 03:03:03 GMT
Expires: Thu, 02 Feb 2023 03:03:02 GMT
Etag: "a84170e0a3fc4ecccdfe30656b2e54cd190a091c"
Cache-Control: max-age=535798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc89515bd9b50f-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 99ac9c3cc4db78c43f62ab2f9acf54b5
a84170e0a3fc4ecccdfe30656b2e54cd190a091c
a2cfde65bc4200228c8fd575807531fd5f8a0997015d9ff9382cf9fdc3aaca7a
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 22:03:03 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 03:03:03 GMT
Expires: Thu, 02 Feb 2023 03:03:02 GMT
Etag: "a84170e0a3fc4ecccdfe30656b2e54cd190a091c"
Cache-Control: max-age=535798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 78fc89515c71b51b-OSL
v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css
8.254.252.213200 OK 40 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9b85e47b640baa9eb4dbb41915d1f9a3
034b606abd1d6f6a27e7f37d89c42e0407914bca
98a87b9557d4e0da4efe55e0cdcf7005375709bcf4c42bbf55ff4a63e69e97b0
GET /_nuxt/desktop/default/css/bf967876.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 39797
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-9b75"
expires: Fri, 27 Jan 2023 13:41:05 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30118
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
178.253.15.10200 OK 152 kB URL HTTP/2 1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
IP 178.253.15.10:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (42472)
Size 152 kB (151928 bytes)
Hash e63ea8f47a71e410379a510ef31e61ab
b116ee43b50bc9df9cf4ad21e9da72930b8fa545
0682238ce77c74c59666b2f2e48382a977a25ea74e580b323794dc6fe14f2446
GET /en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:02 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=533;desc="Nuxt Server Time", dt_285;dur=550
set-cookie: SESSION=3dc06755f5cffeadb5dd8a2981480335; Path=/; HttpOnly; Secure; SameSite=Lax
lng=en; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Mon, 27 Mar 2023 22:03:02 GMT
reflinkid=d_786679m_1599c_; Path=/; Expires=Thu, 26 Jan 2023 23:03:02 GMT
postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; Path=/; Expires=Sat, 25 Feb 2023 22:03:02 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/runtime-be8485bd.modern.js
8.254.252.213200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-be8485bd.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (40212), with no line terminators
Hash ff30e579fa9b9d9600de2ab7cc241db8
10eb340855f1a9300628818c8d4091e0ff3e3961
50ea264262a96f1a9b4f6436199ca51c32501c2aa53c382d3c286df3b7388925
GET /_nuxt/desktop/default/runtime-be8485bd.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 12819
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-3213"
expires: Fri, 27 Jan 2023 08:44:04 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47958
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Fri, 27 Jan 2023 00:33:15 GMT
Date: Thu, 26 Jan 2023 22:03:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Fri, 27 Jan 2023 00:33:15 GMT
Date: Thu, 26 Jan 2023 22:03:03 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9012
Expires: Fri, 27 Jan 2023 00:33:15 GMT
Date: Thu, 26 Jan 2023 22:03:03 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: KY05WKpINERD5g9o2QLYdsNMSuuy_YKn2Tl7Qkn7YaAOaPTDfLteeA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 795
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:48 GMT
age: 795
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17e1b6f3caa98b0e0972802408dd3f93
07e48bf3565e00d093d72dd4ada606f5d39a4838
7094ef64e04573bea7a81bbcc8ab59d721c5ef433e3fa9203e5861040ced549c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8017df09-37d9-4c4b-9051-0442b3eb8fbf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9285
x-amzn-requestid: 526bd945-31d8-490e-af9d-5e6fc6ea3561
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYT2HzvoAMFYYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0e5-6812fe4354bbdac4472e7e81;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XOJMP2youiiGQF5EWeoyyuVXigc-WabFbwsm5XFryosJiQ-peYam2g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:52:36 GMT
age: 627
etag: "07e48bf3565e00d093d72dd4ada606f5d39a4838"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
34.120.237.76200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 13cd008fb3e2739ec7caadadbd427655
c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1
a300a4fde1863c8b806d0557d9f0adaed19e1c612989d7e3f79a7bb45e6e74dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ffb1709-216c-4bf0-9b98-e3a355f000bb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8822
x-amzn-requestid: e16ae781-25f3-4b7d-b62b-85b35d6571c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwF2KIAMFjDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-377f24bd18dea32564b148bd;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLPXQFbkJxWsDzMx_vUit4y6H3W6zoKjsGIaGd3rfT-mXX92HbjO5Q==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:07 GMT
age: 836
etag: "c4802b06b87ab97f3ccd80d1c9bbdb4fab9886c1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w2YQTruAWzbdhCWhHu5V1Wj0DlkD6-BsEwgjtR9RJqqmStbW8mPS9w==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:49:07 GMT
age: 836
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 204837
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 137464
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash d9bf2793558044193d7e5d27708a9144
5a8f73462cfda6544cc3efe488854c3cd80bb0a7
e1db5ce5f130aa6d6a1bf18da60fee5c6bb76625a26aef0fee67702e7209ef7e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-615175.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.15.10200 OK 352 B URL HTTP/2 1xlite-615175.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.15.10:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
expires: Tue, 24 Jan 2023 22:30:26 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/vendors/plugins.vue-notification-3f0135fe.modern.js
178.253.15.10200 OK 4.6 kB URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/vendors/plugins.vue-notification-3f0135fe.modern.js
IP 178.253.15.10:0
File type ASCII text, with very long lines (12527), with no line terminators
Hash 2a8edd375f288165be80937ac1e394c9
2c4bf5f1490a5ac0d0712c171783054dc3822d98
4e98c7274ca61289f5a64e1dda11c3a140d5bd9d824d85fc3d053ea5c200d55d
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-3f0135fe.modern.js HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 4562
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-11d2"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:03 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-2e9ec1b5.modern.js
178.253.15.10200 OK 22 kB URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-2e9ec1b5.modern.js
IP 178.253.15.10:0
File type ASCII text, with very long lines (65476)
Hash 299cc800609eb7b5da3f8fbc111546c8
5cdfcebf12b818a5eadb7c4537a7d207ecccb337
e6f62c190be6e379cddd04d16bdfe2a1d2c56e066a091d28ad0f7ce35703f701
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-2e9ec1b5.modern.js HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 21845
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-5555"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:03 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/css/447d11ab.css
178.253.15.10200 OK 2.2 kB URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/css/447d11ab.css
IP 178.253.15.10:0
File type ASCII text, with very long lines (15795), with no line terminators
Hash 4903ac8e8dc6a97e695f35a12b1fded1
838e15675244952d39e39447fe2b8f19b699a9bf
80f5a4f5b33cf232094842c11e6a3727beca1c45dd63d6d9d37ea65f1f9f2f65
GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 2190
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-88e"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:03 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/css/047e1132.css
178.253.15.10200 OK 632 B URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/css/047e1132.css
IP 178.253.15.10:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 30ddc45c0a82175a7104ebff080e0d37
60f67df6cea1a428eb7de52880777d1d145bc97b
eb0cf5cec9e9b4427f09d5e66eb0b286c4be120626d469ad5ff931483c29e2b2
GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:03 GMT
content-type: text/css
content-length: 632
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-278"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:03 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1674770583890
178.253.15.10200 OK 145 B URL HTTP/2 1xlite-615175.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1674770583890
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1674770583890 HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Fri, 27 Jan 2023 22:03:04 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/pwa
178.253.15.10200 OK 15 B IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
GET /pwa HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/css/f9d99aa7.css
178.253.15.10200 OK 943 B URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/css/f9d99aa7.css
IP 178.253.15.10:0
File type ASCII text, with very long lines (3303), with no line terminators
Hash 92511f7932fbaa62d4fa8e91c092e28d
14db565d35abf418504fe7599fb72c204d3c9d79
d293b89f0c5fb4ce75c0048485e639cf7f37746db6e3c7a40c287639807f57e0
GET /_nuxt/desktop/default/css/f9d99aa7.css HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: text/css
content-length: 943
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-3af"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:04 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/plugins.vue-js-modal-39dfc95d.modern.js
178.253.15.10200 OK 7.5 kB URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/plugins.vue-js-modal-39dfc95d.modern.js
IP 178.253.15.10:0
File type HTML document, ASCII text, with very long lines (25593), with no line terminators
Hash c905bcae175fe1ed3155a6012454796d
712bf5465931adcc48e68f2c0bff76a088d9bae9
2651a2908e26840af52ae6a5229cba5380635ea8e089d63ccfaa5f78f859724f
GET /_nuxt/desktop/default/plugins.vue-js-modal-39dfc95d.modern.js HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 7505
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-1d51"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:04 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/desktop/default/date-fns-locale-21-24398185.modern.js
178.253.15.10200 OK 2.7 kB URL HTTP/2 1xlite-615175.top/_nuxt/desktop/default/date-fns-locale-21-24398185.modern.js
IP 178.253.15.10:0
File type ASCII text, with very long lines (9012), with no line terminators
Hash c397fce2fd58a2acacaa97a6dea64894
d0ebf10018e4fbd3f9dd0b9836937e665f9105bc
136697393008f7a221df394356cbc4cbc865e46cd40f4ae2e17b7ea5af7781c6
GET /_nuxt/desktop/default/date-fns-locale-21-24398185.modern.js HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 2651
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
vary: Accept-Encoding
etag: "63d237a2-a5b"
content-encoding: gzip
expires: Thu, 26 Jan 2023 23:03:04 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-6a7ff9ed.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-6a7ff9ed.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (2509), with no line terminators
Hash 788560c9be93b8aa74d30aa6ceb9485f
23ce635b05f42d1e0bbab9e9144aecaa7dfad067
11463229e431e54ac8d3833173f54926429a07204406f12ae85884d00d374113
GET /_nuxt/desktop/default/DC-6a7ff9ed.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-43a"
expires: Fri, 27 Jan 2023 08:44:06 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47954
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-615175.top/version.json?timestamp=1674770584150
178.253.15.10200 OK 44 B URL HTTP/2 1xlite-615175.top/version.json?timestamp=1674770584150
IP 178.253.15.10:0
Hash 91ad60c63a123d74fa8fab483428351b
98ebdd85018fdc9a3dbfc2cdae3fb7485da14477
1ec60fd8ff1796ae282461e7750bc4b7b537088369f370a57c41ad3ec9510628
GET /version.json?timestamp=1674770584150 HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json
content-length: 44
last-modified: Thu, 26 Jan 2023 08:23:40 GMT
vary: Accept-Encoding
etag: "63d2388c-2c"
content-encoding: gzip
expires: Thu, 26 Jan 2023 22:04:04 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1759)
Hash 45fde3740d28a2a233078adfd7a3e5c6
72840ae4df791a98c7a8ad8583a82034bffb756f
b3c5a76303b786037bf13986bcd3c9c3ac017f6f46dbabc320a1e59b9e2b457e
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 22:03:04 GMT
expires: Thu, 26 Jan 2023 22:03:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45060
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 26 Jan 2023 22:03:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:35 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0db-af5c"
Expires: Thu, 09 Feb 2023 22:03:04 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-2aa7dfbe.modern.js
8.254.252.213200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-2aa7dfbe.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (13485), with no line terminators
Hash 1a65b9e5186b64d1ec5e1273095a679c
52825ccdf94cbd17e8f911bf6864deea765a697f
74dbfdf9254d25be70a318ce3bb578d4b61fbe76105792b8378ef07ae0875e99
GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-2aa7dfbe.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 5404
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-151c"
expires: Fri, 27 Jan 2023 08:44:56 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47950
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/api/converslon/load
178.253.15.10200 OK 5.9 kB URL HTTP/2 1xlite-615175.top/web-api/api/converslon/load
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with very long lines (19327), with no line terminators
Hash 81c2bd2e1c064904668aa236e7e5f4fa
65c8dedff52b71327391ea77af2ab4768dbc443b
463cf53aff08c2d1af2f2104aafc08e09446df143d7d2e8f2fa39fd5d56a4d7e
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=19, dt_285;dur=21
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-5634a279.modern.js
8.254.252.213200 OK 6.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-5634a279.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (20689)
Hash 6443a5bd4e7a1439783ad1591846c9bd
7c70b31fd52225d6f510ff33a139399c40608ef9
a57452e847756b5eadeff66a51ed1c8e416d2e35bc6f7b742fc98f0ec09cabc5
GET /_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-5634a279.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6474
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-194a"
expires: Fri, 27 Jan 2023 08:44:06 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47959
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
8.254.252.213200 OK 464 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (1665), with no line terminators
Hash 21d3a0d490658b4f59d8f9cceb43c560
e59013f09dfc5d7f92ae66ca640dd883bcbe65c1
1d24ff5fe9df012703a2edfc75483c32880b26f49a0027ea72ddf71b59a232b9
GET /_nuxt/desktop/default/css/6ddcb708.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: text/css
content-length: 464
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-1d0"
expires: Fri, 27 Jan 2023 14:14:23 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 28123
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-3a45b6dd.modern.js
8.254.252.213200 OK 8.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-3a45b6dd.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (24831), with no line terminators
Hash 5e6537fffdac0425150479b555cbc745
0b170f86c3d52aa36be5cd7c9ecb4277d1d26506
91c31318ecc6619fa47715556069fd9ea2b55254672c55b8fec2caca82296b67
GET /_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-3a45b6dd.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 8051
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-1f73"
expires: Fri, 27 Jan 2023 08:44:06 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47941
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/485d903f.css
8.254.252.213200 OK 4.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/485d903f.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (31269), with no line terminators
Hash a901bf702b3d69d24eb831ebb1a9eac9
a28ae381aa92554d502a608d73d9ba6c73b43a84
e588c6c83490cb154d6a60d53fbdf2fea98495905de63a5bcab344b7e91b9077
GET /_nuxt/desktop/default/css/485d903f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: text/css
content-length: 4825
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-12d9"
expires: Fri, 27 Jan 2023 08:44:56 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47927
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/registration.Main-b17b84dc.modern.js
8.254.252.213200 OK 44 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/registration.Main-b17b84dc.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 0b41d608d93d96399efb06dca37367dd
1272b2c09f5e8726a30245db5381eff6252d711a
dd2e015739725bb6c538760dd6fcc388f622a6be71946c7582036d6d65c1cadd
GET /_nuxt/desktop/default/registration.Main-b17b84dc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 43566
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-aa2e"
expires: Fri, 27 Jan 2023 08:44:57 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47926
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.254.252.213200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 5325c2bd8e3ca07a407336cecff092f3
06974a9c65f583cefcc10e8d6baa830f52ca57b7
3653a3dae4f4d697f5825f03112c9da388b3b48fd9f7cfba9aaccc3bd2026400
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "63d16638-1c6"
expires: Fri, 27 Jan 2023 08:30:44 GMT
last-modified: Wed, 25 Jan 2023 17:26:16 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48746
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css
8.254.252.213200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (4904), with no line terminators
Hash c7927cda816637778da7d71505fad4ff
1399023d4866ce4a6e119a2a654038fa79f6a08c
5c5b3fecae0fa0c8acf0167041441f6b0d7f9d3e35a89f7cf7bdb1fffd81b0e6
GET /_nuxt/desktop/default/css/d07cef4b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: text/css
content-length: 1240
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-4d8"
expires: Fri, 27 Jan 2023 08:44:03 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47953
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.media-a90b8097.modern.js
8.254.252.213200 OK 4.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.media-a90b8097.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (18679), with no line terminators
Hash 400df9ebba4c044c67cce67d7f86b303
c7476180bb8927d7434d470bd10f6df90e5298b3
d71539979127805f30e4759a3a2a04a9e74df4ecb2afbb6c6e2afccaa8de0336
GET /_nuxt/desktop/default/betting.media-a90b8097.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 4560
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-11d0"
expires: Fri, 27 Jan 2023 08:44:06 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47953
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-d0fff3f8.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-d0fff3f8.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (2449), with no line terminators
Hash eb56b21e3f27c4f33055172427368cb5
10ece4fd5ddc4d69ad48f62f80ad3f62106d57eb
d151f6bc14c978b0e0dead4cd3a9b8d9ef7e9fbb4414e429a97bac68bc060181
GET /_nuxt/desktop/default/ioc.dependencies.32-d0fff3f8.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 1079
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-437"
expires: Fri, 27 Jan 2023 08:44:45 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47953
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-7465b353.modern.js
8.254.252.213200 OK 26 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-7465b353.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash ba3a64a4887f19fea8db46450807a01c
388c7df01d2cf1ad0a3500fca0e59f7ae6ba0dc7
981c426ed93de98bbbcf74a42b4bd4a26264a04e368361cb8b21476640c0a158
GET /_nuxt/desktop/default/vendors/conversion-7465b353.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 26244
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-6684"
expires: Fri, 27 Jan 2023 08:44:19 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47950
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration&language=en
178.253.15.10200 OK 50 B URL HTTP/2 1xlite-615175.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration&language=en
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57
GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration&language=en HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=45.684964; desc="req_t", renderTime; dur=45.700995; desc="rend_t", total; dur=47.305884; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/checker/redirect/stat/run/
178.253.15.10200 OK 49 B URL HTTP/2 1xlite-615175.top/checker/redirect/stat/run/
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-266d21e5.modern.js
8.254.252.213200 OK 6.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-266d21e5.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (24849), with no line terminators
Hash ee073af42e6a8f6ede817586b18316a4
07800641d7a6667c1e1f2614f1730b8d7f020f39
850e7a24d3dbdabe72e911005755dbb64026c8edff79bde24bfafa8281afe3df
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-266d21e5.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 6355
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-18d3"
expires: Fri, 27 Jan 2023 08:44:57 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47958
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-18518805.modern.js
8.254.252.213200 OK 18 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-18518805.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (43176), with NEL line terminators
Hash c9dbfa6234d9fd69ce06e54d7c3daef5
6031a397f26095d08aec497194aca06330614ae4
03f624104942a84b2d01fd2b6187f875ee84b3dbc366839fe4f443e77a415bed
GET /_nuxt/desktop/default/vendors/betting.media-18518805.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 17549
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-448d"
expires: Fri, 27 Jan 2023 08:44:45 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47953
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1674770584756
178.253.15.10200 OK 145 B URL HTTP/2 1xlite-615175.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1674770584756
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1674770584756 HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Fri, 27 Jan 2023 22:03:04 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/api/internal/v1/proof_of_age
178.253.15.10204 No Content 0 B URL HTTP/2 1xlite-615175.top/web-api/api/internal/v1/proof_of_age
IP 178.253.15.10:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=32
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 21:46:59 GMT
expires: Thu, 26 Jan 2023 23:46:59 GMT
cache-control: public, max-age=7200
age: 965
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/user/secure
178.253.15.10200 OK 58 B URL HTTP/2 1xlite-615175.top/web-api/user/secure
IP 178.253.15.10:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 9c970651a9dbef9028a582f03620c085
8fbaa776eaa37b11cbbed795312bd70696ddb8b7
bb347622b802089a2189bb3dd048e0c68529f1cdbde368d3e737bc571ca1db21
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.1.1996698405.1674770585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=85
set-cookie: is_rtl=1; expires=Fri, 26-Jan-2024 22:03:05 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Thu, 02-Feb-2023 22:03:05 GMT; Max-Age=604800; path=/
v3fr=1; expires=Sun, 29-Jan-2023 22:03:05 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1674788361; expires=Thu, 26-Jan-2023 23:03:05 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/external-api/getFirstDepositBonus
178.253.15.10200 OK 45 kB URL HTTP/2 1xlite-615175.top/web-api/external-api/getFirstDepositBonus
IP 178.253.15.10:0
Hash 2770e3bb931f3508c10b14458f29b395
2d2afc17b6dd3acb65c121e6a9a50fd519bb02ce
afddc75a54bac4846ba164ee9d469981f3d1faa5df1a7057d3257c2a5378be5f
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=37, dt_285;dur=38
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/registration
178.253.15.10200 OK 3.7 kB URL HTTP/2 1xlite-615175.top/web-api/registration
IP 178.253.15.10:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13246)
Hash 76026de93f41e15408250c2b9caec2e1
3d610540bf1c99d9b247136e727370a15203ad16
312735410a928e2f1330481c041b88ebbd17b5717084bc5ffede3ff16e3511ac
POST /web-api/registration HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=88
set-cookie: is_rtl=1; expires=Fri, 26-Jan-2024 22:03:05 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Thu, 02-Feb-2023 22:03:05 GMT; Max-Age=604800; path=/
v3fr=1; expires=Sun, 29-Jan-2023 22:03:05 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oe1p0&_p=301602158&cid=1996698405.1674770585&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770584&sct=1&seg=0&dl=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Depllc63d2f879000d5f0a&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oe1p0&_p=301602158&cid=1996698405.1674770585&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770584&sct=1&seg=0&dl=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Depllc63d2f879000d5f0a&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=2oe1p0&_p=301602158&cid=1996698405.1674770585&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1674770584&sct=1&seg=0&dl=https%3A%2F%2F1xlite-615175.top%2Fen%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Depllc63d2f879000d5f0a&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-615175.top
date: Thu, 26 Jan 2023 22:03:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/default/img/icons/pixels2.svg?v=1674770584
178.253.15.10200 OK 125 B URL HTTP/2 1xlite-615175.top/web-api/default/img/icons/pixels2.svg?v=1674770584
IP 178.253.15.10:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 32746ce4592811e48667b5899f51d261
a97719f8592bdd6af6dea0eabba4ef0d084e32c3
91c1c2cf42c178d2cd87542a90a57079f44367fc196ff48143d90240e606dcbe
GET /web-api/default/img/icons/pixels2.svg?v=1674770584 HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.1.1996698405.1674770585
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=38, dt_285;dur=39
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=1996698405.1674770585&jid=47628402&gjid=549808415&_gid=1432395218.1674770585&_u=aCDAAUACQAAAACAAI~&z=1997921878
173.194.221.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=1996698405.1674770585&jid=47628402&gjid=549808415&_gid=1432395218.1674770585&_u=aCDAAUACQAAAACAAI~&z=1997921878
IP 173.194.221.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=1996698405.1674770585&jid=47628402&gjid=549808415&_gid=1432395218.1674770585&_u=aCDAAUACQAAAACAAI~&z=1997921878 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://1xlite-615175.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 22:03:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type gzip compressed data, from Unix\012- data
Hash 6d0188d886d40a3c1bd1506a52147304
2367fffef760e1595799fd98eb2800fc79bc4b82
ed7036ee7d6410d3b9252ac588b74c04ad8beba3733ebbabf0a2d3cdc57c8e8f
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 95349
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration
178.253.15.10200 OK 1.4 kB URL HTTP/2 1xlite-615175.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration
IP 178.253.15.10:0
Hash 2a8f5e50e854b656b7fa8e44cf4c3932
5df175bc41e85f160f432d84743544d79bf8c378
26e4c84b04e622da3dc849b40ebc3427182f3b30e5de06af0c7d4e328aea9a19
GET /web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.1.1674770585.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1674788361; ggru=181; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=119, dt_285;dur=121
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-a52819b5.modern.js
8.254.252.213200 OK 11 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-a52819b5.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (41843), with no line terminators
Hash 083ff0db434199f1a21775e5c7fff12b
11416aa844bea65d8276330300ddf027ff7181c1
3b1c13530f68b9ec9ce3799d37e8f875c6b79d816243115a99256b9b1121f8d1
GET /_nuxt/desktop/default/Registration.Fields-a52819b5.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:06 GMT
content-type: application/javascript; charset=utf-8
content-length: 11237
cache-control: max-age=86400
content-encoding: gzip
etag: "63d237a2-2be5"
expires: Fri, 27 Jan 2023 08:45:08 GMT
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47932
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg
178.253.15.10200 OK 7.4 kB URL HTTP/2 1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg
IP 178.253.15.10:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15052), with no line terminators
Hash 1b27ec6dc9be1569af0c3ade164ab5a1
6c9a3f7f75d62ad465a534fe2a7b3e96c49623ff
f51a0066622326ae6a076651f0517e3b76c881b3c248211a56a50a7e3bb199d1
GET /_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
etag: W/"63d237a2-3acc"
expires: Fri, 27 Jan 2023 22:02:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=explicit&hl=en
142.250.74.164200 OK 556 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=en
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 971f5963eefcd572ca01ef7e1bc14064
81c097c2de4ef3dc63af0fa81fb0e1d3b5b97dca
935278c0848f082150f43f2341c1eb53f47953afc0ef5881407f83e42646b919
GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 26 Jan 2023 22:03:08 GMT
date: Thu, 26 Jan 2023 22:03:08 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 556
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 22:03:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
142.250.74.3200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (636)
Size 164 kB (163892 bytes)
Hash f2995e9cc3eedf3359420fb8d714b2ca
bdc68875ff161b35dbe9d8d85241e41c862ec8e3
fbe663b4f0f239aca19a5a2720c2b494ac58a53e0d68288155eb772ae04935c1
GET /recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163892
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 15:41:18 GMT
expires: Wed, 24 Jan 2024 15:41:18 GMT
cache-control: public, max-age=31536000
age: 195710
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 906
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 10:03:36 GMT
expires: Wed, 24 Jan 2024 10:03:36 GMT
cache-control: public, max-age=31536000
age: 215973
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 19346
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg
178.253.15.10200 OK 0 B URL HTTP/2 1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg
IP 178.253.15.10:0
GET /_nuxt/Desktop/Default/svg-sprites/country-2000120.svg HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.1.1674770585.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1674788361; ggru=181; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:06 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
etag: W/"63d237a2-26280"
expires: Fri, 27 Jan 2023 22:02:52 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1x-xredbet002400.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
178.253.47.23307 Temporary Redirect 0 B URL HTTP/2 1x-xredbet002400.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
IP 178.253.47.23:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a HTTP/1.1
Host: 1x-xredbet002400.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Thu, 26 Jan 2023 22:03:01 GMT
content-type: text/html; charset=utf-8
location: https://1xlite-615175.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
x-frame-options: SAMEORIGIN
set-cookie: SESSION=7cce7ecba6780860da37869a85846b7e; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=sv0vF2PS+JUxliG7A2UPAg==; path=/; secure; httponly; samesite=lax
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=88
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/api/v3/bonuses/welcome-bonuses
178.253.15.10200 OK 0 B URL HTTP/2 1xlite-615175.top/web-api/api/v3/bonuses/welcome-bonuses
IP 178.253.15.10:0
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.1.1996698405.1674770585
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=31, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/registration/fields
178.253.15.10200 OK 0 B URL HTTP/2 1xlite-615175.top/web-api/registration/fields
IP 178.253.15.10:0
POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 19
Origin: https://1xlite-615175.top
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.0.1674770584.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1674788361; ggru=181
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:06 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=704
set-cookie: is_rtl=1; expires=Fri, 26-Jan-2024 22:03:06 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg
178.253.15.10200 OK 0 B URL HTTP/2 1xlite-615175.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg
IP 178.253.15.10:0
GET /_nuxt/Desktop/Default/svg-sprites/common-2000120.svg HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:04 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 26 Jan 2023 08:19:46 GMT
etag: W/"63d237a2-1af48"
expires: Fri, 27 Jan 2023 22:01:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-615175.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
178.253.15.10302 Found 0 B URL HTTP/2 1xlite-615175.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
IP 178.253.15.10:0
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Thu, 26 Jan 2023 22:03:02 GMT
location: /en/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=epllc63d2f879000d5f0a
reason-v3: empty_lang
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Sun, 29 Jan 2023 22:03:02 GMT
auid=sv0PCmPS+JYUGobaA3I1Ag==; path=/; secure; httponly; samesite=lax
X-Firefox-Spdy: h2
suphelper.com/widget/injector.js
104.16.43.72200 OK 0 B URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-615175.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 22:03:06 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d49403fd-098b-41ec-b2fa-70a24447f25c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Tue, 03 Jan 2023 09:24:23 GMT
etag: W/"28e6c-18576f23558"
vary: Accept-Encoding
cf-cache-status: HIT
age: 122
server: cloudflare
cf-ray: 78fc89656f06f162-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1xlite-615175.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration&geo=137&language=en
178.253.15.10200 OK 0 B URL HTTP/2 1xlite-615175.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration&geo=137&language=en
IP 178.253.15.10:0
GET /web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-615175.top%2Fen%2Fregistration&geo=137&language=en HTTP/1.1
Host: 1xlite-615175.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-615175.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PCmPS+JYUGobaA3I1Ag==; SESSION=3dc06755f5cffeadb5dd8a2981480335; lng=en; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22epllc63d2f879000d5f0a%22%7D; window_width=1280; che_g=7a813bbb-60f4-9c6a-622e-1531a0012c3a; tzo=0; _ga_7JGWL9SV66=GS1.1.1674770584.1.1.1674770585.0.0.0; _ga=GA1.2.1996698405.1674770585; _gid=GA1.2.1432395218.1674770585; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1674788361; ggru=181; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 22:03:05 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=23, dt_285;dur=25
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2