lite-1x768595.top/us/registration
178.253.14.138301 Moved Permanently 162 B URL HTTP/1.1 lite-1x768595.top/us/registration
IP 178.253.14.138:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /us/registration HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 30 Oct 2022 20:52:18 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://lite-1x768595.top/us/registration
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 82788b8b26eeba7f492106ea47729bbb
823b2d3c336d11064a6b809057bed46bb65a7969
7671d088ba1420ffa01dbd63c5f7ab28d52d3591bc04c4cc182d1f9e64a7f2f8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7671D088BA1420FFA01DBD63C5F7AB28D52D3591BC04C4CC182D1F9E64A7F2F8"
Last-Modified: Sat, 29 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Sun, 30 Oct 2022 21:51:53 GMT
Date: Sun, 30 Oct 2022 20:52:18 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3591
Cache-Control: max-age=135518
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:18 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 10:30:56 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 2c936a37c0ab225115a83277467091ec
d357ab9189990d3718036f67c12f467efe43552d
747c8165e4d62420f0c769d2e91ca9e7a04cfc02bd29f35ca3f74c106964c04f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3591
Cache-Control: max-age=135518
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:18 GMT
Etag: "635e4459-1d7"
Expires: Tue, 01 Nov 2022 10:30:56 GMT
Last-Modified: Sun, 30 Oct 2022 09:31:05 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e59d16ee0744a08cb29d0f7e664a3827
f64722982e24ecc948f599edc76e36250ddf5112
2ef6e5bddd86663d50c9c66bc8b46f92534f4d0ef5e490a24fb876355ec006b9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2EF6E5BDDD86663D50C9C66BC8B46F92534F4D0EF5E490A24FB876355EC006B9"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18134
Expires: Mon, 31 Oct 2022 01:54:32 GMT
Date: Sun, 30 Oct 2022 20:52:18 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VA+cXvtdXeV2b4UrMAekSoXnb5lyFI41jL93LgDah0wjP7hEXqoQiXvO3bXfoJnXvPuK3kF4504=
x-amz-request-id: 5V1DN155FC0XKCKT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 30 Oct 2022 20:11:14 GMT
age: 2464
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 90a62efcd267ea93d98bb96d3d73718c
7758b9689c31dbd96c0178a310d32a2cf7589d2a
d188b31b9c4a8c160267c2ee401be9e4a6f95b3fde929589f5418325e783cac7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D188B31B9C4A8C160267C2EE401BE9E4A6F95B3FDE929589F5418325E783CAC7"
Last-Modified: Sat, 29 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4742
Expires: Sun, 30 Oct 2022 22:11:20 GMT
Date: Sun, 30 Oct 2022 20:52:18 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9764c875002c224f81bd966db2995460
dd384811c207f54188bd097e286b2880bfcbc28b
13d0f25b1d045a816fe13b56d04af6ae00a5e2862412c781e53e069c2d33a3a1
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4222
Cache-Control: max-age=131090
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:19 GMT
Etag: "635e3097-1d7"
Expires: Tue, 01 Nov 2022 09:17:09 GMT
Last-Modified: Sun, 30 Oct 2022 08:06:47 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 32e837c0fbe63274d45283b4a023dd6c
6f6548aab66b39153530fea54d95b20b85b24ef8
6cf1a45a66254ab7a94cf29a4ac72878c84303b214a3bf49eb637d6babbaf554
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
35.83.241.90101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.241.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qTZfNflivVhCSPNoJQqH5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hAnWriQ3zEKpUkBnqZlKNr50KzI=
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash b489c8c967af3a890575f6075c8a80c6
212d16b17eaaa8c24138f323928a46a052c33336
f3eee0ea95c3dc118dbc31488b2a288e7c8b49dbf3b76453b8417cd55a292e45
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 30 Oct 2022 20:52:19 GMT
date: Sun, 30 Oct 2022 20:52:19 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 30e06f7a84696cf3a5ea793970cd58db
66b6ee5d003a299ed78d2a4e534e95b797ca1c98
684c6e3a6e4896445e56cc47b9274e7c953cc390a8a32c16360e4bc2aba8e9cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 20:52:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 02:31:56 GMT
Expires: Sat, 05 Nov 2022 02:31:55 GMT
Etag: "66b6ee5d003a299ed78d2a4e534e95b797ca1c98"
Cache-Control: max-age=451775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762708b60ad80b59-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 30e06f7a84696cf3a5ea793970cd58db
66b6ee5d003a299ed78d2a4e534e95b797ca1c98
684c6e3a6e4896445e56cc47b9274e7c953cc390a8a32c16360e4bc2aba8e9cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 20:52:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 02:31:56 GMT
Expires: Sat, 05 Nov 2022 02:31:55 GMT
Etag: "66b6ee5d003a299ed78d2a4e534e95b797ca1c98"
Cache-Control: max-age=451775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762708b60c39b527-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 30e06f7a84696cf3a5ea793970cd58db
66b6ee5d003a299ed78d2a4e534e95b797ca1c98
684c6e3a6e4896445e56cc47b9274e7c953cc390a8a32c16360e4bc2aba8e9cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 20:52:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 02:31:56 GMT
Expires: Sat, 05 Nov 2022 02:31:55 GMT
Etag: "66b6ee5d003a299ed78d2a4e534e95b797ca1c98"
Cache-Control: max-age=451775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762708b60cc4b50b-OSL
v3.cdnsfree.com/_nuxt/desktop/default/css/b14c776a.css
8.254.252.213200 OK 569 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/b14c776a.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (2501), with no line terminators
Hash ee2cc99e0e096e17f918202a269ff0a4
f532a0c9d8abb136cbf3fc9fb6f504de082ea10d
e723c7c0efebc2baa5b96f162aba8bd6185168e7441c82b6c118215103e18fc9
GET /_nuxt/desktop/default/css/b14c776a.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: text/css
content-length: 569
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-239"
expires: Mon, 31 Oct 2022 12:25:11 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30554
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/version.json
8.254.252.213200 OK 44 B URL HTTP/2 v3.cdnsfree.com/version.json
IP 8.254.252.213:0
Hash 78e700657777bc9fe9414aaad715137e
7dcc3eb4751bd3fae21a9fa03ef42b0931bb557d
6f5d60c49b8e61c39e5eeb9ccb6ee65899d2db66b8a3b6920a7321973788e662
GET /version.json HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: application/json
content-length: 44
cache-control: max-age=86400
content-encoding: gzip
etag: "635e467e-2c"
expires: Mon, 31 Oct 2022 09:51:43 GMT
last-modified: Sun, 30 Oct 2022 09:40:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 39639
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/b9749391.modern.js
8.254.252.213200 OK 849 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/b9749391.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (2318), with no line terminators
Hash 388a1d9ae80996d5df6acf9a293bf823
b62db5adc9f9611a66c0e7018d2ed6230d569b38
f31a197ebc37350241f21624512b803625176098221b3db3e1b46363b37484fa
GET /_nuxt/desktop/default/b9749391.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 849
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-351"
expires: Mon, 31 Oct 2022 12:31:21 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30427
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js
8.254.252.213200 OK 92 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1ff77830.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65479)
Hash d8dc82d4d0dbd910dede76fda4f83000
85a75c483686ef1558714e5591025b5f666d17bd
b077b5aee2dc0cb996ac03ef0dab34cffc2e89859d4ea6c04c1498fe8a1cb519
GET /_nuxt/desktop/default/1ff77830.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 91837
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-166bd"
expires: Mon, 31 Oct 2022 12:22:26 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30593
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.213200 OK 705 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.213:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sun, 30 Oct 2022 20:49:38 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 288
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/f6fe7e8c.modern.js
8.254.252.213200 OK 490 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/f6fe7e8c.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 490 kB (490351 bytes)
Hash 4a411285c5509192577844aed692959d
412b615d398315164a9c641e72a2fdbca0c4caf3
e0216794c4de0f7e7a714c0c12480a6ff4e55faa01df2508455f314f4ee7de36
GET /_nuxt/desktop/default/f6fe7e8c.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 490351
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-77b6f"
expires: Mon, 31 Oct 2022 16:17:03 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 16516
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js
8.254.252.213200 OK 631 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/55064564.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (62776)
Size 631 kB (631074 bytes)
Hash 440f205c47c00c3bcfc78df8bf5e4c34
25c971e6dd261359d63bfd44d01aa0a8404023a0
5a61959364040fd119a4614c683cc2d941dbaf7c649a3adf6838212858535282
GET /_nuxt/desktop/default/55064564.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 631074
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-9a122"
expires: Mon, 31 Oct 2022 12:22:26 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30593
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/af2fd40b.css
8.254.252.213200 OK 76 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/af2fd40b.css
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash 76ad85900966b9570915e646d228adf3
53990cc2e7f7089240a0cee7fc2f91fab663c957
f8ef8256fd3058d4d830c16b88eebcc25e92d63ee7ae0d84ef90565917696cbb
GET /_nuxt/desktop/default/css/af2fd40b.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: text/css
content-length: 76129
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-12961"
expires: Mon, 31 Oct 2022 11:11:51 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 34830
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 30e06f7a84696cf3a5ea793970cd58db
66b6ee5d003a299ed78d2a4e534e95b797ca1c98
684c6e3a6e4896445e56cc47b9274e7c953cc390a8a32c16360e4bc2aba8e9cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 20:52:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 02:31:56 GMT
Expires: Sat, 05 Nov 2022 02:31:55 GMT
Etag: "66b6ee5d003a299ed78d2a4e534e95b797ca1c98"
Cache-Control: max-age=451775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762708b5fbf20b06-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 30e06f7a84696cf3a5ea793970cd58db
66b6ee5d003a299ed78d2a4e534e95b797ca1c98
684c6e3a6e4896445e56cc47b9274e7c953cc390a8a32c16360e4bc2aba8e9cd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 30 Oct 2022 20:52:19 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 29 Oct 2022 02:31:56 GMT
Expires: Sat, 05 Nov 2022 02:31:55 GMT
Etag: "66b6ee5d003a299ed78d2a4e534e95b797ca1c98"
Cache-Control: max-age=451775,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 762708b60998b4f9-OSL
lite-1x768595.top/us/registration
178.253.14.138200 OK 178 kB URL HTTP/2 lite-1x768595.top/us/registration
IP 178.253.14.138:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43363)
Size 178 kB (177860 bytes)
Hash 13809a3ad446d5fc4889dd9006c8422b
8d542c64f0a6b9a9fddf63e4fa9963175fc56b5e
ddd9dc2d8a834b691d0804dc9f4ab73426eb4a09433cfa9dd6c64cff9ea9fbd9
Analyzer Verdict Alert quad9 Sinkholed
GET /us/registration HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=520;desc="Nuxt Server Time", dt_285;dur=533
set-cookie: platform_type=desktop; Path=/; Expires=Wed, 02 Nov 2022 20:52:18 GMT
SESSION=31d0a193f5d39b8797951cdbee5ac8ee; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
auid=sv0OimNe5ANQgyJtA/IQAg==; expires=Mon, 30-Oct-23 20:52:19 GMT; path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css
8.254.252.213200 OK 137 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/39476c26.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 137 kB (136757 bytes)
Hash 2535b7df629050f8e05bad089a5ac5b3
d0efd4ab4fa32e5855fd01d21b4156c5ddd92464
c4f46aba0691cabe703ce5ccc55b4f4df7b99822b434b3b77f32de044a1603f8
GET /_nuxt/desktop/default/css/39476c26.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:19 GMT
content-type: text/css
content-length: 136757
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-21635"
expires: Mon, 31 Oct 2022 12:22:26 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30594
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 5580dc56f5c8e3012864d54092c07b3a
fb9997cf8b29e970213ed34a4d637bb8525a6eb0
cadce1c220b25d204eabfced3ba1f72efc34c3273f372dc90f098e78d4f038ba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:34:08 GMT
expires: Thu, 26 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350292
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 14:07:32 GMT
expires: Thu, 26 Oct 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 369888
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12259
Expires: Mon, 31 Oct 2022 00:16:39 GMT
Date: Sun, 30 Oct 2022 20:52:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12259
Expires: Mon, 31 Oct 2022 00:16:39 GMT
Date: Sun, 30 Oct 2022 20:52:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12259
Expires: Mon, 31 Oct 2022 00:16:39 GMT
Date: Sun, 30 Oct 2022 20:52:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12259
Expires: Mon, 31 Oct 2022 00:16:39 GMT
Date: Sun, 30 Oct 2022 20:52:20 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0796db2947913177a820acd13c2d3db5
b7242ad5635409395392ee5e33cee0bf18daddc3
1e3c6603b9e37a4479f38ed861cd9640fe43f0779d4f6142719117ef7687b5fe
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1E3C6603B9E37A4479F38ED861CD9640FE43F0779D4F6142719117EF7687B5FE"
Last-Modified: Sat, 29 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12259
Expires: Mon, 31 Oct 2022 00:16:39 GMT
Date: Sun, 30 Oct 2022 20:52:20 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash eb172796a2f188864b0e43cf4d12f0e7
c2e6735cb55bcf25432b08856fb7f4544d2a2ecb
3f018e0106027564814413ba39ef05813be65c16c022263474067a9c98d41987
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c52f3ba-431b-49b4-add9-144f1ed29d24.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9382
x-amzn-requestid: 40fd211a-60bb-4447-bda0-d30732de7912
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayVxOFEToAMF2vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cd4-314afc4f42f9568505a97997;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4tX99HLMI7-6q8ajqNCbuN_C_gCwwS_rcO_UQSnss4AULVq73Mt_yg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:57:14 GMT
age: 82506
etag: "c2e6735cb55bcf25432b08856fb7f4544d2a2ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6138c205ed582180977c00ae3231e5dd
76e15ea81dc440923032e72c3a8601124d895712
f5e7c84c06192e19ff0d5743031a770f79e89a7b41903ef37dab1bafb3978ac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca9b1449-9118-4f7b-8444-7c8d22164616.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10683
x-amzn-requestid: e8e77d09-5ea6-4ac8-8327-d18c78168383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3aGtsoAMFa-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfc-3af1e39158fbc9dd3b1f3cf9;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: LQcGQaZ_pYAr1ZAcFoBGWBe6HznR6pzTcRLS56bxA4hcbRgEhme00A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:49:18 GMT
age: 82982
etag: "76e15ea81dc440923032e72c3a8601124d895712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fb1110221ffc54766308cbf62f94cd9f
926f36919d5875592200b78d286edcb4c3ba884c
8344d57bc8358da2a5911c62a344a3dcf819ce44dac0da0624c73ab40ac1ef44
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79049f5d-175e-4d0f-94ea-6d5a1fcadca0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9460
x-amzn-requestid: b6ae8f45-7ab3-4133-a809-625e43880ca3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ao2KFGjooAMFixQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359d0a6-71cf181e6bb045e51cad83cd;Sampled=0
x-amzn-remapped-date: Thu, 27 Oct 2022 00:28:22 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: VAIMIJ-siO04xME1h1AiEM0Na8aWz1k_3MCYFAswegxR90jBACpChg==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 30 Oct 2022 05:29:37 GMT
age: 55363
etag: "926f36919d5875592200b78d286edcb4c3ba884c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg
34.120.237.76200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 813760fc1cdeaffc44e203eb4bea2a41
1fb8b4bf212166d392da3ddd2d48f1465000cfc2
86848c8ab08561d84f883c592a68f1468f606dd29a208138977dd5da6e642934
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04fada3-6f86-41fd-be82-9370d0b3a44c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8054
x-amzn-requestid: cfcf6ce9-6c48-4187-8882-a2ba3171f69a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayV3tFW0oAMF8WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cfd-5be118db6a7ad23a47f6e604;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:37:02 GMT
x-amz-cf-pop: SFO20-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: v5cMJY753gw82sJlnB36Vi3wONqO3NwxPazRRdKr2URsfqGDRnsYoQ==
via: 1.1 c1caaceb6655a57ae014aef7bc8ec388.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:53:46 GMT
age: 82714
etag: "1fb8b4bf212166d392da3ddd2d48f1465000cfc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c09cea8034a4c555227e8d4538c61a1
c796c0c760e916e8f227ecf9d6100aaa1dfb08a9
f5c7130a9319f0393b563f4df00cafbe979de2a277e30b3c4029c68e1f1b3ef8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F35161f25-76fc-4488-8158-91f54bebc480.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13896
x-amzn-requestid: 5f5ee765-aaf1-420e-b3c7-b44ef0a1ecfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayWR2EFVoAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9da5-4c1fa6b86b7965b22204d184;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DNYMwkpYg-pb2JvdSaHh5mMuP_6dYclG6hnKEos0wC7w7WEE-nvznA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:51:48 GMT
age: 82832
etag: "c796c0c760e916e8f227ecf9d6100aaa1dfb08a9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ca2c80d1659f0cef2fd6913f1c48db2a
7a37d18cb01b4fa0e169a23988c76065c05fcb48
43dda0a73db1e4ce7546b88c47d0dd4ec5457fc1da3cfbe3ba6dab5501c9da3d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F173899d5-a6c1-4568-b9bb-656991aa35ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9296
x-amzn-requestid: 721b37d6-f1f3-4932-ad64-fbd5936ce6fe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ayVxOFm6oAMFfzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635d9cd4-0c8925962ef5fb343b20c0ea;Sampled=0
x-amzn-remapped-date: Sat, 29 Oct 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 02tLzBXbzWoMfoXRemh0Kp-5J3phg101H7DSTzldiC2N2UP0t2pKvA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 29 Oct 2022 21:53:43 GMT
age: 82717
etag: "7a37d18cb01b4fa0e169a23988c76065c05fcb48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/desktop/default/css/b14c776a.css
178.253.14.138200 OK 569 B URL HTTP/2 lite-1x768595.top/_nuxt/desktop/default/css/b14c776a.css
IP 178.253.14.138:0
File type ASCII text, with very long lines (2501), with no line terminators
Hash ee2cc99e0e096e17f918202a269ff0a4
f532a0c9d8abb136cbf3fc9fb6f504de082ea10d
e723c7c0efebc2baa5b96f162aba8bd6185168e7441c82b6c118215103e18fc9
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/b14c776a.css HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:20 GMT
content-type: text/css
content-length: 569
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
vary: Accept-Encoding
etag: "635e45bd-239"
content-encoding: gzip
expires: Sun, 30 Oct 2022 21:52:20 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1667163137100
178.253.14.138200 OK 145 B URL HTTP/2 lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1667163137100
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1667163137100 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:20 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/pwa
178.253.14.138200 OK 15 B IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x768595.top/us/registration
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=377
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js
8.254.252.213200 OK 1.0 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/733bdf44.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash e8f75b453cfe0919bbda40aee4a1f909
2303f1b61eff35dcb726aa323e676333ee14b8a8
4ad51721d877d2b19e82cd9552803c9f44c5e965fbb7fbb086fafbf3363f1d1d
GET /_nuxt/desktop/default/733bdf44.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 1031
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-407"
expires: Mon, 31 Oct 2022 12:22:41 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30582
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7f82bd4d59e524ef0773811a0c7414a3
bb1aa4c3dfebc047a5b5648ae6a3c84c977a4840
9022a411f7f5da582b358b51faa5aca04f1e7012f835d271a821af9c1a73d233
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash 7bb8ea8bba43fc4ec5e046b48fd5df3c
57ece1922d999551dc56f3dab051e5afb78b0423
4ee02a82ee27136df2da88cb12c5efe795ce09414a8e3c4bfe633d8a3d8698f2
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 30 Oct 2022 20:52:21 GMT
expires: Sun, 30 Oct 2022 20:52:21 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44662
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d1b734baf0e28947ae6f7af84d10bda1
329f96426985e98dc4230536ed6c6048d833c4a5
d8b0178267437b28782d0961896f0a639f675e19a05dd2c85a947f48e3ac47b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 886
Cache-Control: max-age=151147
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:21 GMT
Etag: "635e8bfa-1d7"
Expires: Tue, 01 Nov 2022 14:51:28 GMT
Last-Modified: Sun, 30 Oct 2022 14:36:42 GMT
Server: ECS (amb/6B98)
X-Cache: HIT
Content-Length: 471
lite-1x768595.top/version.json?timestamp=1667163137649
178.253.14.138200 OK 11 B URL HTTP/2 lite-1x768595.top/version.json?timestamp=1667163137649
IP 178.253.14.138:0
Hash 514978b4f7a33fee492789b7093389fd
bf7ffbb88c01dedabb7ffc673981cb08556ebc84
e6d8ee06ef10b41a64dc275f96914335e4d1300898c47f680b8b42b8323f22a7
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1667163137649 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json; charset=UTF-8
content-length: 11
cache-control: no-cache
etag: W/"b-v3/7uIwB3tq7f/xnOYHLCFVuvIQ"
pragma: no-cache
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7f82bd4d59e524ef0773811a0c7414a3
bb1aa4c3dfebc047a5b5648ae6a3c84c977a4840
9022a411f7f5da582b358b51faa5aca04f1e7012f835d271a821af9c1a73d233
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d1b734baf0e28947ae6f7af84d10bda1
329f96426985e98dc4230536ed6c6048d833c4a5
d8b0178267437b28782d0961896f0a639f675e19a05dd2c85a947f48e3ac47b3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 886
Cache-Control: max-age=151147
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:21 GMT
Etag: "635e8bfa-1d7"
Expires: Tue, 01 Nov 2022 14:51:28 GMT
Last-Modified: Sun, 30 Oct 2022 14:36:42 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js
8.254.252.213200 OK 5.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/a900795a.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (13502), with no line terminators
Hash 9fe7d2b00b1d6d691b1081f9ad3cdcab
ea71afe417600036ed50fe3966ea3bb70518b5ff
79eca6f8104c929655ee1ba2efb7833fa76a61664195e2f1c431516ea9984ebb
GET /_nuxt/desktop/default/a900795a.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 5381
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-1505"
expires: Mon, 31 Oct 2022 12:22:55 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30566
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/dafd9e68.css
8.254.252.213200 OK 1.8 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/dafd9e68.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (9474), with no line terminators
Hash 9276a304885ef6da99ff316dc3f8e521
6bb7e112e40b2bd9d27f620ec47de7eca5ef247f
e4fb1f33cea290094d54953e1493c181e8ea4dfd0c2ee791d103e83db46152e9
GET /_nuxt/desktop/default/css/dafd9e68.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: text/css
content-length: 1842
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-732"
expires: Mon, 31 Oct 2022 12:39:39 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30500
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/d099b95c.modern.js
8.254.252.213200 OK 12 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/d099b95c.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (44677), with no line terminators
Hash 3204a8fe67a8935506a89d0cf200315d
eea5ac9308ab50d80b668c17f475b6de5c833865
1686dc59efda3ce63b84b67a51b8c0288944181bf1dd90fd1a7d658fdda2f047
GET /_nuxt/desktop/default/d099b95c.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 12253
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-2fdd"
expires: Mon, 31 Oct 2022 12:34:07 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30498
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/b83dea14.css
8.254.252.213200 OK 887 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/b83dea14.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (3443), with no line terminators
Hash d5f8147b836a0ab08e30afd886556aca
3f558746d4cc64a2e4bbcb94dd5cd222f1edfdd9
2a19103addf8421a0a1d6b56e56a9261942ea17a0504122b6db2b9aabe130472
GET /_nuxt/desktop/default/css/b83dea14.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: text/css
content-length: 887
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-377"
expires: Mon, 31 Oct 2022 12:23:14 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30569
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/a9e701b4.modern.js
8.254.252.213200 OK 11 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/a9e701b4.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (39421), with no line terminators
Hash 26846e387efe55d2585a52317e704d47
1ae868c391c04bdb2cb2f1821abb33109a1df31a
b313cd71e58859b97edf72594b9d5bfbe6549829e8f3a302907767fe5e5ec560
GET /_nuxt/desktop/default/a9e701b4.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 10584
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-2958"
expires: Mon, 31 Oct 2022 12:22:48 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30575
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/445dc689.modern.js
8.254.252.213200 OK 3.2 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/445dc689.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (8838), with no line terminators
Hash cac3bcce2a5fe6e3392354756359f5ee
21e9ddd8ae3f117bff2b3edc2cc6a7d78244ccca
e566d217e4d498fc481dfb996d4fec3b9348c256db78ccdb102a90bc822e51e0
GET /_nuxt/desktop/default/445dc689.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 3157
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-c55"
expires: Mon, 31 Oct 2022 12:38:24 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30499
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/009b1d91.css
8.254.252.213200 OK 797 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/009b1d91.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (3159), with no line terminators
Hash 0a16c56218056ebacdd309ea5ed3543b
cf3f0a8f7ac0733ece1bcd77c428d05b5e8c3566
5c30aab851bb21ba499ec25b5e788e5060dc9dd547222ea10426c77d676edbe2
GET /_nuxt/desktop/default/css/009b1d91.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: text/css
content-length: 797
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-31d"
expires: Mon, 31 Oct 2022 12:39:39 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30500
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 26 Oct 2022 19:34:08 GMT
expires: Thu, 26 Oct 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 350293
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/89ac4e42.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (2451), with no line terminators
Hash 565f0f1a5fbdcec18d3f3c1a4108f7d6
98539fceb78504f968ee7d3e3b1ad0d5cb7e1040
8e2b1703142bd06526f1582aa9a002f8e43f417bf81183d6479bf8713253b3ec
GET /_nuxt/desktop/default/89ac4e42.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 1063
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-427"
expires: Mon, 31 Oct 2022 12:22:59 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30562
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js
8.254.252.213200 OK 26 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/ad7f9297.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash d93501e61d81be0a5eb8578085aa1daf
09ba14e341ca783d110eedfbf325f622198d416d
88fb5ff062647c6b1da9d605394f12641a5cba9966089964926d90ac7ee36a7f
GET /_nuxt/desktop/default/ad7f9297.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 26106
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-65fa"
expires: Mon, 31 Oct 2022 12:23:01 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30560
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/checker/redirect/stat/run/
178.253.14.138200 OK 49 B URL HTTP/2 lite-1x768595.top/checker/redirect/stat/run/
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 30 Oct 2022 20:41:09 GMT
expires: Sun, 30 Oct 2022 22:41:09 GMT
cache-control: public, max-age=7200
age: 672
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
178.253.14.138200 OK 182 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.138:0
Hash 401f19ec533de7783360b7c04d6b338d
ca334739bd7bc45c8afac1d4208cc4d47bc9d759
5e4423ad46d52c8c6881315859c5fc2794ddff1e1c698886607181b0a2737b4c
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=33, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1667163138467
178.253.14.138200 OK 145 B URL HTTP/2 lite-1x768595.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1667163138467
IP 178.253.14.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1667163138467 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.0.1667163138.0.0.0; is_rtl=1; tzo=0; fast_coupon=true; v3fr=1; _glhf=1667180918
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
178.253.14.138200 OK 41 kB URL HTTP/2 lite-1x768595.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
IP 178.253.14.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3cab11ffe256bb632aee6fb329ec880d
40070d9e01f5352020c06cd039b31690d44a6386
eb6c36acdf62a3cf856478ea76cd4741364b09ce3c84a1720491ef1ee6b1e37d
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
etag: W/"635e45bd-196ca"
expires: Mon, 31 Oct 2022 20:26:54 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/registration
178.253.14.138200 OK 1.0 kB URL HTTP/2 lite-1x768595.top/web-api/registration
IP 178.253.14.138:0
Hash 2df55a732d2bc80c6dad99a5c0559c16
87f5861a3f47be5b22bfae9265900895c38c8b9e
7a5a063d0a462e8a2df126c7ba28eda85d5a5eda9364f3fe66ca7bfaedf4e2a3
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/registration HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=58
set-cookie: is_rtl=1; expires=Mon, 30-Oct-2023 20:52:22 GMT; Max-Age=31536000; path=/; HttpOnly
tzo=3; expires=Mon, 30-Oct-2023 20:52:22 GMT; Max-Age=31536000; path=/
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sun, 06-Nov-2022 20:52:22 GMT; Max-Age=604800; path=/
v3fr=1; expires=Wed, 02-Nov-2022 20:52:22 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/svg-sprites/bonusSelect-ded7dd51533821883cb34162ac60dc3c.svg
178.253.14.138200 OK 6.9 kB URL HTTP/2 lite-1x768595.top/_nuxt/svg-sprites/bonusSelect-ded7dd51533821883cb34162ac60dc3c.svg
IP 178.253.14.138:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15052), with no line terminators
Hash 137e8aa7c49b0be6a459827f841960b5
35d6a000f651692e299ca38d62dc0974cea7506a
15e32595907d0d71f5177e8931070b6ca20026a816e358aeeae75ec57b44a3d6
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/bonusSelect-ded7dd51533821883cb34162ac60dc3c.svg HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.0.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 30 Oct 2022 09:35:01 GMT
etag: W/"635e4545-3acc"
expires: Mon, 31 Oct 2022 20:49:25 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/translation-api/by-lang/us
178.253.14.138200 OK 7.0 kB URL HTTP/2 lite-1x768595.top/translation-api/by-lang/us
IP 178.253.14.138:0
Hash 02431d8a5a17de85158fc048dbd90282
92cb80c63239de43f5cdb1038ed8f0e052973f6f
0831f491c3168342f4e19a125a8a80be4aa58e39632eed4898649b4ecf1ea241
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.0.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/1e109abb.modern.js
8.254.252.213200 OK 8.0 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1e109abb.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (34923), with no line terminators
Hash 7656cbb371e8ca915f34f2eeb444fbef
d19be0b4c50ec079c63f9ef419be435d2cf65caf
f0f71816b39064461fd5a6cbc31ae235e14572522f51fe2209dd9fedb3a653f4
GET /_nuxt/desktop/default/1e109abb.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 7952
cache-control: max-age=86400
content-encoding: gzip
etag: "635e45bd-1f10"
expires: Mon, 31 Oct 2022 12:22:55 GMT
last-modified: Sun, 30 Oct 2022 09:37:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30567
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 471 B IP 142.250.74.35:0
Hash 2e2bd4b97aca6a0eec8270833c2cb16a
0e256dc85f9f91643c009971483db657c7947788
6763be97e81767383bc3bfdb88622403474845e2fffd9bbc6faae735a1d52e33
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit&hl=us
142.250.74.164200 OK 555 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=us
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 1ccee7b75ec870edaad587cd5eea1173
117108d44d26819e6f91c23b8adde1176e3cf19e
48810a139a1c18636ee2e9fe6897fb513fa40332d2a06ae5eedfd466f9253864
GET /recaptcha/api.js?render=explicit&hl=us HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sun, 30 Oct 2022 20:52:22 GMT
date: Sun, 30 Oct 2022 20:52:22 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 555
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 3ff3fa16e037f40095f7c9dbd53acf10
64193a0dcf67f1a316e7df5b681b822f85a20b29
9fe09be583afafdfdacd77bd7cbca3f68e16a34890163ff581e9f436a7f10045
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oeaq0&_p=669030073&cid=83265428.1667163138&ul=en-us&sr=1280x1024&_s=1&sid=1667163138&sct=1&seg=0&dl=https%3A%2F%2Flite-1x768595.top%2Fus%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oeaq0&_p=669030073&cid=83265428.1667163138&ul=en-us&sr=1280x1024&_s=1&sid=1667163138&sct=1&seg=0&dl=https%3A%2F%2Flite-1x768595.top%2Fus%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=2oeaq0&_p=669030073&cid=83265428.1667163138&ul=en-us&sr=1280x1024&_s=1&sid=1667163138&sct=1&seg=0&dl=https%3A%2F%2Flite-1x768595.top%2Fus%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lite-1x768595.top
date: Sun, 30 Oct 2022 20:52:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 705300d410377c8d82ace4b2ea761292
25c400c9c7fe6dd40af104c02ff3f533b3cea19e
c59f1dff3280fdb79fd17e7108030cbb01375df2485e984f20c920effef68c99
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__en.js
142.250.74.163200 OK 161 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__en.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (692)
Size 161 kB (161443 bytes)
Hash f08dc1af68358a3cfc29cc0f7ed68597
bcc7efc80663dd060d7e9e7513994439c0e59a68
01ceb7d3a7706a69ecefbc7863914626ccde29859326c51f98e236bea8242767
GET /recaptcha/releases/NJPGLzpIZgjszqyOymHUP0XR/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 161443
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Oct 2022 19:56:30 GMT
expires: Sun, 29 Oct 2023 19:56:30 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 24 Oct 2022 04:01:21 GMT
content-type: text/javascript
age: 89752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x768595.top/_nuxt/svg-sprites/country-5ae080c0900f8ab990025425a54e475d.svg
178.253.14.138200 OK 472 B URL HTTP/2 lite-1x768595.top/_nuxt/svg-sprites/country-5ae080c0900f8ab990025425a54e475d.svg
IP 178.253.14.138:0
Hash 705300d410377c8d82ace4b2ea761292
25c400c9c7fe6dd40af104c02ff3f533b3cea19e
c59f1dff3280fdb79fd17e7108030cbb01375df2485e984f20c920effef68c99
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/country-5ae080c0900f8ab990025425a54e475d.svg HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration?type=fast
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.1.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 30 Oct 2022 09:35:01 GMT
etag: W/"635e4545-26132"
expires: Mon, 31 Oct 2022 18:42:21 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash f9fd3e3024422b078ca37b5ae282e58d
97dcb4ee7972c9d73289567d07b58dd0cc0210a8
9148420ebda43c94ef3da72915447e14a74c2cc479a8234eadb1499f91e04a29
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5390
Cache-Control: max-age=138718
Content-Type: application/ocsp-response
Date: Sun, 30 Oct 2022 20:52:23 GMT
Etag: "635e49d7-117"
Expires: Tue, 01 Nov 2022 11:24:21 GMT
Last-Modified: Sun, 30 Oct 2022 09:54:31 GMT
Server: ECS (amb/6BC8)
X-Cache: HIT
Content-Length: 279
lite-1x768595.top/web-api/g/4bb3191c345982a0f900644a17b07b028ff1e217
178.253.14.138200 OK 45 kB URL HTTP/2 lite-1x768595.top/web-api/g/4bb3191c345982a0f900644a17b07b028ff1e217
IP 178.253.14.138:0
Hash 68ec39b251ffc37f10d8fb922dce91a0
106730f04f8f916a6e573063a2dabf38cf6a9cb5
7976eb3581009020258a3053a20bc94ca56ceb04bb267ce443b61f2d23fba18d
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/4bb3191c345982a0f900644a17b07b028ff1e217 HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x768595.top/us/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x768595.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.1.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:23 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=20
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/registration/fields
178.253.14.138200 OK 22 kB URL HTTP/2 lite-1x768595.top/web-api/registration/fields
IP 178.253.14.138:0
Hash 061169eb6380b4fac8480a3c6974510e
a4a0ddd8a38177ca03f9f0320ada0c2540ee76ff
d8410b5705764d13fc9b6c47a47ea338df448788abcbd350262753e1962e4a4c
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/registration/fields HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 19
Origin: https://lite-1x768595.top
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.0.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=68
set-cookie: is_rtl=1; expires=Mon, 30-Oct-2023 20:52:22 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
radar.cedexis.com/1593429750/radar.js
35.241.57.45200 OK 0 B URL HTTP/2 radar.cedexis.com/1593429750/radar.js
IP 35.241.57.45:0
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x768595.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 11:30:29 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d5-af5c"
expires: Sun, 13 Nov 2022 20:52:21 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration&geo=137&language=us
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration&geo=137&language=us
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration&geo=137&language=us HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration?type=fast
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.1.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:22 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=34, dt_285;dur=38
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/getFirstDepositBonus
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=29, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x768595.top%2Fus%2Fregistration HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration?type=fast
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1280; che_g=87fadbbc-902e-9086-1082-3d93feeb8194; _ga=GA1.1.83265428.1667163138; _gid=GA1.2.500052937.1667163138; _ga_7JGWL9SV66=GS1.1.1667163138.1.1.1667163138.0.0.0; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1667180918; ggru=167; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:23 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=682, dt_285;dur=683
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x768595.top/web-api/api/converslon/load
178.253.14.138200 OK 0 B URL HTTP/2 lite-1x768595.top/web-api/api/converslon/load
IP 178.253.14.138:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x768595.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x768595.top/us/registration
Cookie: platform_type=desktop; SESSION=31d0a193f5d39b8797951cdbee5ac8ee; lng=us; auid=sv0OimNe5ANQgyJtA/IQAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 30 Oct 2022 20:52:21 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=22, dt_285;dur=25
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2