1x-xredbet478860.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
178.253.48.30301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet478860.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
IP 178.253.48.30:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397 HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 16:11:19 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 15:12:42 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 475d4ecb64796af058573c6f1048e898.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u_z3uxHEkLoGXcyX23B-M6CiEQ8qSdBsMvR9lRX_1q125_6g_EtBNQ==
Age: 3517
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5940
Expires: Mon, 19 Sep 2022 17:50:19 GMT
Date: Mon, 19 Sep 2022 16:11:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: -84S-dhYhPscfLeHHz9Zs6C3df_on-Rfs1-rxrmIm4bPm68AHnUI_w==
age: 41766
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bcc63af4e3470c0b500b96304d35a85
574b50eec8dca59a6a5b714044e84b858d028c2a
89850408ebe3b77b9d46c03d862943e54ccd5e6faa78b81813f81fdfcea162db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89850408EBE3B77B9D46C03D862943E54CCD5E6FAA78B81813F81FDFCEA162DB"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=956
Expires: Mon, 19 Sep 2022 16:27:15 GMT
Date: Mon, 19 Sep 2022 16:11:19 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:19 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
1x-xredbet478860.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
178.253.48.30307 Temporary Redirect 978 B URL HTTP/2 1x-xredbet478860.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
IP 178.253.48.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (405)
Hash 7188d76b652053cfd01e2e2468e979a9
29d00c1c7db5cf381d43932b5b661b709ccc72d3
74c6e25466691bd6885a2d4bbdec138f68cfbea55492e1287799c24faad822ed
Analyzer Verdict Alert quad9 Sinkholed
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397 HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Mon, 19 Sep 2022 16:11:19 GMT
content-type: text/html; charset=utf-8
content-length: 978
location: https://lite-1x283524.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
x-frame-options: SAMEORIGIN
set-cookie: SESSION=a0023d93c915eaab02a09a63e7470f82; path=/; secure; HttpOnly; SameSite=Lax
lng=en; expires=Wed, 19-Oct-2022 16:11:19 GMT; Max-Age=2592000; path=/
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
flaglng=en; expires=Wed, 19-Oct-2022 16:11:19 GMT; Max-Age=2592000; path=/
auid=sv0wHmMolKdf/3O9BVvVAg==; expires=Tue, 19-Sep-23 16:11:19 GMT; path=/
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=68
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0cbecc194fd7ff465fac3a4d18035cb0
c915aef5e55ebfe2fac096a07e66d77b30d1c2f6
d89879b81b0f62f00e92c516129be08addad397a9dbbd134c3f2549e43f34a46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D89879B81B0F62F00E92C516129BE08ADDAD397A9DBBD134C3F2549E43F34A46"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6708
Expires: Mon, 19 Sep 2022 18:03:07 GMT
Date: Mon, 19 Sep 2022 16:11:19 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 16:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 16:06:31 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CSGNMCF1RZw00tiyPAvILBvU8FwK221xg0222Vz-qnxO2djk4f2bAw==
Age: 477
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5c817aa82ca8ed4a4257fd1e1628b423
7905c62b6bbc582860c07b75eddae371a4b8d02b
dce1783ecfe50c83d30878b48d60e1cf3fe42a3fa4090fb5d318194de73e53d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6116
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:20 GMT
Last-Modified: Mon, 19 Sep 2022 14:29:24 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.164.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.164.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vUnhcPt4l8CPb0scTeWuIg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 22Aty5RzQtiAqwa7bQrEi67tUqI=
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 16:11:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=382235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d398be484eb524-OSL
v3.cdnsfree.com/status.json
8.248.224.22200 OK 21 B URL HTTP/2 v3.cdnsfree.com/status.json
IP 8.248.224.22:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c4bb18933a5fd13d100077a00adf5161
957c1ddeabbf35fcdcaf731cf9611f4703864212
a7e828c3613677202207c42052a2135aefd9af7130f8ac20bb3307277a255db0
GET /status.json HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/json
content-length: 21
server: nginx
access-control-allow-origin: *
age: 2771708
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 16:11:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=382235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d398be6f2ab518-OSL
v3.cdnsfree.com/_nuxt/desktop/default/css/a261063f.css
8.248.224.22200 OK 288 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/a261063f.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (721), with no line terminators
Hash 530d17a1405580c755cf0c352ecb7239
cf5942776f878402e9518079de22bea64f24797f
da6e64dc7305d0886589bef7b3c6893143f50e28f40a515caf01689cb7b2a564
GET /_nuxt/desktop/default/css/a261063f.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: text/css
content-length: 288
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-120"
expires: Tue, 20 Sep 2022 09:01:15 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25839
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/8dfdb8be.css
8.248.224.22200 OK 590 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/8dfdb8be.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (1633), with no line terminators
Hash abc8bfa44ece6cebe74ce4f7e7cb0d9c
5759dbd7da39ab602651b4ece88452a7676efcb3
188e6c5e3d99c7ebd4550c715d35910f93e5db622ec813b25380441c542c93d7
GET /_nuxt/desktop/default/css/8dfdb8be.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: text/css
content-length: 590
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-24e"
expires: Tue, 20 Sep 2022 09:12:46 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25335
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/9e9a7a58.js
8.248.224.22200 OK 336 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/9e9a7a58.js
IP 8.248.224.22:0
File type Unicode text, UTF-8 text, with very long lines (65399)
Size 336 kB (335795 bytes)
Hash ea1fc47f50a7d0ac3ca1b89ef61529bd
a2cd27a2cbc10d1d3fb29b02f47e79149fe4263a
96d6cb5929c0a6ce92ee17c4aa0736b1495eb1245bb2805893f77e2e4340ed8e
GET /_nuxt/desktop/default/9e9a7a58.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 335795
cache-control: max-age=86400
content-encoding: gzip
etag: "63247729-51fb3"
expires: Tue, 20 Sep 2022 09:34:57 GMT
last-modified: Fri, 16 Sep 2022 13:16:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23784
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.248.224.22200 OK 705 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.248.224.22:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Mon, 19 Sep 2022 16:09:51 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 212
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/f4e98fb4.css
8.248.224.22200 OK 67 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/f4e98fb4.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b8aa25bdb278506c56e0b64605968077
4e52b8f725ce35f7bc5da2d1b46e50ae8a35acad
430a68e599a8d37ecac6c79ac8068fb7076bb4efacc378f6547297f18f98d678
GET /_nuxt/desktop/default/css/f4e98fb4.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: text/css
content-length: 66944
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-10580"
expires: Tue, 20 Sep 2022 12:46:30 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12291
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/f55e7b6a.js
8.248.224.22200 OK 521 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/f55e7b6a.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 521 kB (521438 bytes)
Hash e1f481a7c887857553d5ff196f1fe111
cc8baaad71d11d80661990af3c3ec4c3ccbda580
5f403e4245311bb0295d2cb18109d90e065bd82dde3b1097ebb69b4205e16264
GET /_nuxt/desktop/default/f55e7b6a.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 521438
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-7f4de"
expires: Tue, 20 Sep 2022 09:35:06 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23788
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/49cbefce.js
8.248.224.22200 OK 6.5 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/49cbefce.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (15649), with no line terminators
Hash 639388fec6431b50b1ff910ad0b008b4
d3a383f2090089e58a6bc39feecdea4a02098d2c
b5b125c48e4b16c899e897a29df7f33c468f351464523cd74e6a49047c8e36c9
GET /_nuxt/desktop/default/49cbefce.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 6492
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-195c"
expires: Tue, 20 Sep 2022 09:37:23 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23654
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/7dfb8951.js
8.248.224.22200 OK 68 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/7dfb8951.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c7c7122b75e5705633dbe115a93e4eea
99dec659cf87325541a4d61a1d6980086f280675
d2e8ce2fac3529a4d5e00cbb05010743647801ac7447f9cb4762d2c98f1daa21
GET /_nuxt/desktop/default/7dfb8951.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 67835
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-108fb"
expires: Tue, 20 Sep 2022 09:35:47 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23733
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 16:11:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=382235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d398be3d3cb503-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 16:11:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=382235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d398be5ac4fab8-OSL
v3.cdnsfree.com/_nuxt/desktop/default/css/06b6b28a.css
8.248.224.22200 OK 27 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/06b6b28a.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 562a5361d28f6972340c04bc616e5a13
362601e7ad45873b395d6d69cee8781a18e8bc00
0c9072a112c3154b8cba45110231742b66beaee791313d6de92a0dfaf7f6f3e7
GET /_nuxt/desktop/default/css/06b6b28a.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: text/css
content-length: 27151
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-6a0f"
expires: Mon, 19 Sep 2022 18:15:22 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 78958
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 16:11:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=382235,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d398be8ee8b500-OSL
v3.cdnsfree.com/_nuxt/desktop/default/fa6edde8.js
8.248.224.22200 OK 6.5 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/fa6edde8.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (16857), with no line terminators
Hash 56164a89822bf4be412832e6eff21d11
a7d5ec0f10bec8b878aae678b1bd5878f25fbdde
80d00065d0121cff14e31520c858a771cd057317cd80a5b4804abde71572dacf
GET /_nuxt/desktop/default/fa6edde8.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: application/javascript; charset=utf-8
content-length: 6514
cache-control: max-age=86400
content-encoding: gzip
etag: "63247729-1972"
expires: Tue, 20 Sep 2022 09:35:06 GMT
last-modified: Fri, 16 Sep 2022 13:16:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23787
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 419833
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10200 OK 18 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash 2249f7622f56986985798e8848a356fe
070d958e56495c563807e9b6d5d71ec5bf0d5929
b79ab715b6f6889585bfc2fcffa2c064f92668e277b6016ecd7b0c5b8331a71f
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 19 Sep 2022 16:11:20 GMT
date: Mon, 19 Sep 2022 16:11:20 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 4f5180e6651455bc8443945fb5b6860c
01457b8648200c9d274b2790b95274b1dc855aaf
39301cccc2805993f794301cb01a70a954e7c8a8e5d6779acc4888f77d7282c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x283524.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.49.6200 OK 352 B URL HTTP/2 lite-1x283524.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.49.6:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:21 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 16:11:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2255
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 16:11:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2255
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 16:11:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2255
Expires: Mon, 19 Sep 2022 16:48:56 GMT
Date: Mon, 19 Sep 2022 16:11:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: b04884f3-149d-4750-876b-8e8762f0f2a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfzrHKMoAMFlfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6321467d-5852e5ef280580b8569b548f;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:11:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vaJ_7zKaGiXZh4VtTlLZCOFpi7bz9tpKRbsvRDJ4En-E93sREYnz5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 05:49:41 GMT
age: 37300
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 65978
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e70b2859ca89b353682d03f6b46b93
ebd83f29edd95217dfa4f4c7a94eddf34dd58b14
43ad8f8b0a664bbec39e0410c1201498a2d2e36e5bd7d5ece8d65b15230ec50b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a91bc33-86f4-4bda-af70-da083ceb7c72.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10894
x-amzn-requestid: f7aad96e-af80-4db7-8bc1-d1e09a9b37e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YeJQGHhOIAMFYuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322559a-538534e91448af217c59ab3d;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 22:28:42 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P7aZQzmAvqn2rcHJUQjHo0Dcg8dsrqseey5mNOabfq1b857M4SUMDQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 01:08:23 GMT
age: 54178
etag: "ebd83f29edd95217dfa4f4c7a94eddf34dd58b14"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 65966
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
34.120.237.76200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 893f3495f1f575e946a57c8e8411b2a5
480182fd29c7edd369339847b85e4e2580cef0f6
097d868881231eae089ac8b97d5dc290583477f63dc35b7458ed4898e0db3e0c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F24f3f8eb-09f7-4c60-864d-3ff96da7c86a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6428
x-amzn-requestid: 7dd3072b-403a-4bb4-b8c4-58a6d7c254f7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRmgCGJVIAMFk5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d5133-0756be8c75da02a857e36a2f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 03:08:35 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: UPvPiYucU7q4x4t0X4tGF7XPXUy0D4F0gcXtWVx-MS-MOunPEWcVUA==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:53:43 GMT
age: 65858
etag: "480182fd29c7edd369339847b85e4e2580cef0f6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:58:21 GMT
age: 43980
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/1e7f64eb.js
8.248.224.22200 OK 117 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1e7f64eb.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (65479)
Size 117 kB (117107 bytes)
Hash 0364250ebefbb34c9245de59e076bd80
1818a79b52c80e405ff87932966cc42179fa18ff
ef79debd0da2bae52d1ed7293e62f2cd166e78d9b7b440e6bf989279a0715cf6
GET /_nuxt/desktop/default/1e7f64eb.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:21 GMT
content-type: application/javascript; charset=utf-8
content-length: 117107
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-1c973"
expires: Tue, 20 Sep 2022 09:35:06 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23788
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/_nuxt/desktop/default/css/a261063f.css
178.253.49.6200 OK 288 B URL HTTP/2 lite-1x283524.top/_nuxt/desktop/default/css/a261063f.css
IP 178.253.49.6:0
File type ASCII text, with very long lines (721), with no line terminators
Hash 530d17a1405580c755cf0c352ecb7239
cf5942776f878402e9518079de22bea64f24797f
da6e64dc7305d0886589bef7b3c6893143f50e28f40a515caf01689cb7b2a564
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/a261063f.css HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: text/css
content-length: 288
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
vary: Accept-Encoding
etag: "63247836-120"
content-encoding: gzip
expires: Mon, 19 Sep 2022 17:11:22 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/_nuxt/desktop/default/css/8dfdb8be.css
178.253.49.6200 OK 590 B URL HTTP/2 lite-1x283524.top/_nuxt/desktop/default/css/8dfdb8be.css
IP 178.253.49.6:0
File type ASCII text, with very long lines (1633), with no line terminators
Hash abc8bfa44ece6cebe74ce4f7e7cb0d9c
5759dbd7da39ab602651b4ece88452a7676efcb3
188e6c5e3d99c7ebd4550c715d35910f93e5db622ec813b25380441c542c93d7
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/8dfdb8be.css HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: text/css
content-length: 590
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
vary: Accept-Encoding
etag: "63247836-24e"
content-encoding: gzip
expires: Mon, 19 Sep 2022 17:11:22 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863331
178.253.49.6200 OK 145 B URL HTTP/2 lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863331
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863331 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/img/common.ca61e6bc.svg
8.248.224.22200 OK 42 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/img/common.ca61e6bc.svg
IP 8.248.224.22:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 41b1fc849f8c53c3369f71d6b593274e
5dfad2a78990dc2174380eb1178cbab9670651fe
6c8e1cdd67924e4198d7e3101357bcd99d804e3c173096b80652b98ed7ddf83b
GET /_nuxt/desktop/default/img/common.ca61e6bc.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: image/svg+xml
content-length: 42495
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63247836-18849"
expires: Tue, 20 Sep 2022 11:52:43 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 15522
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/c575ba31.js
8.248.224.22200 OK 1.3 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/c575ba31.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (3782), with no line terminators
Hash c74dd42b388d3b028cb32defadf9b0d8
72cffc4de9595371cfb9acfde38aa5516708cc91
1bc7d4d664a41a54e5b6aeeebb6dcd88845338d89228ce8172c3fa843c3b2190
GET /_nuxt/desktop/default/c575ba31.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: application/javascript; charset=utf-8
content-length: 1301
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-515"
expires: Tue, 20 Sep 2022 09:35:41 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23741
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/version.json?timestamp=1663603863379
178.253.49.6200 OK 11 B URL HTTP/2 lite-1x283524.top/version.json?timestamp=1663603863379
IP 178.253.49.6:0
Hash 0d5e105661240d3eea2a0d91232b8e34
9b8208c92723c478e00a6a4f281aff28e26978cf
e147427915dad1e4d5339dd3f09c1fdcec97e93236ae7c92fb3ba9aaf847859c
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1663603863379 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1920; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-m4IIyScjxHjgCmpPKBr/KOJpeM8"
server-timing: dt_285;dur=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d190828e3fd8953f387f197ac65a8643
32ca85c067c23f33324abec1e925b6ade4a3186d
0a953dbd1c8be9da3efdc5b6ac8c59b1ae672b30161c24052a0224982a4921b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1833
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:22 GMT
Last-Modified: Mon, 19 Sep 2022 15:40:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 4f42edac9025a86026fc0ddace16d797
3bf1d48d78023f11a48c72f11d0ebf9448bb0ca8
6bed0273267d406841c40e7496463d4f063103fb44075e85edb0c784ce22638e
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 16:11:22 GMT
expires: Mon, 19 Sep 2022 16:11:22 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43423
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d190828e3fd8953f387f197ac65a8643
32ca85c067c23f33324abec1e925b6ade4a3186d
0a953dbd1c8be9da3efdc5b6ac8c59b1ae672b30161c24052a0224982a4921b6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4862
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:22 GMT
Last-Modified: Mon, 19 Sep 2022 14:50:21 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v3.cdnsfree.com/_nuxt/desktop/default/1a3db6d7.js
8.248.224.22200 OK 6.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1a3db6d7.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (18556), with no line terminators
Hash ea7c09a34122c93498d7050395b1f0e9
98bdd6b0a04612bf65718eca2420a079659ccdb2
5a6a94060277d6968927b1432f1e94258222917c301e33105e818b0415acde80
GET /_nuxt/desktop/default/1a3db6d7.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 6426
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-191a"
expires: Tue, 20 Sep 2022 09:35:41 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23742
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/d7b0fdb3.css
8.248.224.22200 OK 478 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/d7b0fdb3.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (1754), with no line terminators
Hash 38bd18dd7bc7c608f3870576b481d95f
1c3f04547dfebca0dd2916c63bc217bdd0c16ac8
56f7175291b3a5fa61404c79558f22cebf26a394e5ea2d948a924233a66774f4
GET /_nuxt/desktop/default/css/d7b0fdb3.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: text/css
content-length: 478
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-1de"
expires: Tue, 20 Sep 2022 08:59:42 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25909
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/ca635c23.css
8.248.224.22200 OK 2.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/ca635c23.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (13289), with no line terminators
Hash d348c9146f63891bc278d406a25a0822
a84d00c830d9ff9d18d269f49ef8e82d2fe36edb
8aad7195de3527bf02fc9885117db47f5dda7b3d17f908a8d6457039dc41d4e2
GET /_nuxt/desktop/default/css/ca635c23.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: text/css
content-length: 2427
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-97b"
expires: Tue, 20 Sep 2022 12:50:18 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12154
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/06789739.js
8.248.224.22200 OK 8.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/06789739.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (25008), with no line terminators
Hash 03644a138c2a78250b4b84ab7a86827e
17cf46fdd273ebb33d03cc47c1236f2f9d75c4fe
9978966c019796bc96f201b434cc9c9ffa797f611d25604d9535e2fa1944a886
GET /_nuxt/desktop/default/06789739.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 8103
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-1fa7"
expires: Tue, 20 Sep 2022 09:38:51 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23608
accept-ranges: bytes
X-Firefox-Spdy: h2
radar.cedexis.com/1593429750/radar.js
35.241.57.45200 OK 20 kB URL HTTP/2 radar.cedexis.com/1593429750/radar.js
IP 35.241.57.45:0
File type ASCII text, with very long lines (3499)
Hash 564a672614b2def192f7277dd92abc08
d39148c50344744e8631a5a01655d91d27b9caef
714c8f0b14b1644ae54ee24dc49730dc38cc833c5db03124484b3b2e2f88f335
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 11:30:33 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d9-af5c"
expires: Mon, 03 Oct 2022 16:11:22 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/298ca41a.css
8.248.224.22200 OK 4.3 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/298ca41a.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (27435), with no line terminators
Hash bd768026753e2b37842d9be00d2af029
cbfde5e5462e21e8da84c36a236f61d3ea2a2dd7
a5f9135a088f3344cebb41121c72039af9ec53f692ba9c559f51f2c0c2d6cb09
GET /_nuxt/desktop/default/css/298ca41a.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: text/css
content-length: 4274
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-10b2"
expires: Tue, 20 Sep 2022 12:50:18 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12065
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/603356d1.js
8.248.224.22200 OK 4.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/603356d1.js
IP 8.248.224.22:0
File type ASCII text, with very long lines (13747), with no line terminators
Hash 64f0911e27545829ddb662dd71d35030
428e24909b94e1f7e5d2c10c54391985ecb685a1
8e39c7800ec6370b3bd908cecfd913dce5d79bb2d0bf93f563831f4beecc8959
GET /_nuxt/desktop/default/603356d1.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 4106
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-100a"
expires: Tue, 20 Sep 2022 09:38:51 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23609
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/converslon/load
178.253.49.6200 OK 5.9 kB URL HTTP/2 lite-1x283524.top/web-api/api/converslon/load
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with very long lines (18129), with no line terminators
Hash d4690d82b286fed75cddecc2cd924273
61c64e77424a9c87a6cab998f5b0827ef1bdc0e4
c80ffc59fab6ee8cba3a6d8f7c4a6352b2d3293bd0ab8fb93dcda89f17a29899
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1920; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:22 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=34
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/ffc8034a.js
8.248.224.22200 OK 32 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/ffc8034a.js
IP 8.248.224.22:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash d003d2fad3b5c9428d1da7f560ff70b4
5a9d44161de0c46809d74cc484c22cc7aafd61e4
3035aea5a14338bc0b61a5047ab5ba2438cd48e522a6271824da5c37bbef1e33
GET /_nuxt/desktop/default/ffc8034a.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 31520
cache-control: max-age=86400
content-encoding: gzip
etag: "63247729-7b20"
expires: Tue, 20 Sep 2022 09:43:30 GMT
last-modified: Fri, 16 Sep 2022 13:16:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23273
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/90431178.js
8.248.224.22200 OK 1.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/90431178.js
IP 8.248.224.22:0
File type Unicode text, UTF-8 text, with very long lines (3465), with no line terminators
Hash 8bee2bd4c12fe499207ebec089e18f12
cf1d3d515e3886e99575caafd9060aff171dd653
07de10125de87a9ad3d3ec63b8fadc47d345d6aafd75857ad105b9fb0e5cea24
GET /_nuxt/desktop/default/90431178.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 1428
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-594"
expires: Tue, 20 Sep 2022 09:36:22 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23720
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/internal/v1/sessions/user
178.253.49.6200 OK 16 B URL HTTP/2 lite-1x283524.top/web-api/api/internal/v1/sessions/user
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
server-timing: p;dur=35, dt_285;dur=38
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/f868f4a8.js
8.248.224.22200 OK 27 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/f868f4a8.js
IP 8.248.224.22:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 19c9df7ec83374bea985910bf34418ee
51f8499d84d09c2ab05d45c1ac2df648d3f354ad
bd62288e8ff465aaadf17692bc76eeb50af6b4fb16406e8b5be4e1e0bdc5cbda
GET /_nuxt/desktop/default/f868f4a8.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 27034
cache-control: max-age=86400
content-encoding: gzip
etag: "63247729-699a"
expires: Tue, 20 Sep 2022 09:35:41 GMT
last-modified: Fri, 16 Sep 2022 13:16:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23742
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/checker/redirect/stat/run/
178.253.49.6200 OK 49 B URL HTTP/2 lite-1x283524.top/checker/redirect/stat/run/
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 419835
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/default/img/icons/pixels2.svg?v=1663603863
178.253.49.6200 OK 90 B URL HTTP/2 lite-1x283524.top/web-api/default/img/icons/pixels2.svg?v=1663603863
IP 178.253.49.6:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash e45f90dcbe718dea3476c4b69b501a4e
e9af26a93c467a77e4733ec537f4f5ce7a4ba089
a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/default/img/icons/pixels2.svg?v=1663603863 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: image/png
content-length: 90
cache-control: max-age=86400
server-timing: p;dur=33, dt_285;dur=35
expires: Tue, 20 Sep 2022 16:11:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/user/secure
178.253.49.6200 OK 59 B URL HTTP/2 lite-1x283524.top/web-api/user/secure
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0af99557c7bb50055263546915e9e409
45d5b0b7287f216b56f682add7a6900ef11de4a7
a283da0db46bc5af72e37893655d18199e71afdb4cbee9879676a38ec1af4e7d
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/user/secure HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json; charset=utf-8
content-length: 59
server-timing: dt_285;dur=72
set-cookie: is_rtl=1; expires=Tue, 19-Sep-2023 16:11:23 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Mon, 26-Sep-2022 16:11:23 GMT; Max-Age=604800; path=/
v3fr=1; expires=Thu, 22-Sep-2022 16:11:23 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1663621659; expires=Mon, 19-Sep-2022 17:11:23 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863987
178.253.49.6200 OK 145 B URL HTTP/2 lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863987
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1663603863987 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 14:41:12 GMT
expires: Mon, 19 Sep 2022 16:41:12 GMT
cache-control: public, max-age=7200
age: 5411
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/img/bonusSelect.ded7dd51.svg
8.248.224.22200 OK 6.7 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/img/bonusSelect.ded7dd51.svg
IP 8.248.224.22:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15052), with no line terminators
Hash a2f120cc3cf2d427e4b85d265f76b935
f91432839eaa86dd1f5ebd36a8e76a7cac66a674
6d181fe48a1583b7a42e67abab9a07bb3074421960ca9aa4945318730296bd35
GET /_nuxt/desktop/default/img/bonusSelect.ded7dd51.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: image/svg+xml
content-length: 6736
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63247836-3acc"
expires: Tue, 20 Sep 2022 08:05:13 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 29291
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/internal/v1/proof_of_age
178.253.49.6204 No Content 0 B URL HTTP/2 lite-1x283524.top/web-api/api/internal/v1/proof_of_age
IP 178.253.49.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=36
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration&geo=137&language=us
178.253.49.6200 OK 196 B URL HTTP/2 lite-1x283524.top/web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration&geo=137&language=us
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5a137d0884eabdde2b7e22515c7b86d4
500e6a618663d99c14d6924819ceb9a233fd7ab7
33b98c9e93d43b7f50af97b92a9c160d88fb7341f4584686d64c3eb656e94f27
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration&geo=137&language=us HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?type=fast
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188; _ga_7JGWL9SV66=GS1.1.1663603864.1.1.1663603864.0.0.0; _ga=GA1.2.654182844.1663603864; _gid=GA1.2.132619008.1663603864
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/vnd.api+json
content-length: 196
cache-control: max-age=300, private
server-timing: p;dur=31, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/774a1818.css
8.248.224.22200 OK 1.3 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/774a1818.css
IP 8.248.224.22:0
File type ASCII text, with very long lines (6055), with no line terminators
Hash 9a46691026feffd525ff1d8888d60f1d
721c82e82c9b6ba22929c2c13350ca38174120e9
37acb7f481cb0d8cea08a920ff6c73e1628a37a486a72d1b4fb006610144fc3d
GET /_nuxt/desktop/default/css/774a1818.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: text/css
content-length: 1299
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-513"
expires: Tue, 20 Sep 2022 12:47:17 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 12264
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/9268420a.js
8.248.224.22200 OK 9.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/9268420a.js
IP 8.248.224.22:0
File type Unicode text, UTF-8 text, with very long lines (38137), with no line terminators
Hash c23f15e4c8b223b8d6857855295036af
48748d881f9f2df1a0f8408dbe84d782c8dacd5a
27f6912ef53e5e61e050148981e01a25969c74ee26ca8112e7eb89f8ae8a72d9
GET /_nuxt/desktop/default/9268420a.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/javascript; charset=utf-8
content-length: 9057
cache-control: max-age=86400
content-encoding: gzip
etag: "63247728-2361"
expires: Tue, 20 Sep 2022 09:43:32 GMT
last-modified: Fri, 16 Sep 2022 13:16:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23697
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 4ee5c6443c11da4a5cf7ea801cd0c62f
e742a7ee1cbedf1a23a82361f3873dbc165f927c
e3682e49ed03efcf590a500154380807b54433f8344923e9017994bdf0d46924
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit&hl=us
142.250.74.164200 OK 557 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=us
IP 142.250.74.164:0
File type ASCII text, with very long lines (852), with no line terminators
Hash 9ad685e3d01b0036bb8f8e30b595319f
f0b09266e6afa82a0e5a55ac54fa457852fc7ba2
43b843f3e3769414de1b6c92b9df34844f3e40fd235165a24a66276c4d96f03c
GET /recaptcha/api.js?render=explicit&hl=us HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 19 Sep 2022 16:11:23 GMT
date: Mon, 19 Sep 2022 16:11:23 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration
178.253.49.6200 OK 119 B URL HTTP/2 lite-1x283524.top/web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1eefb9d95a9c2982479875e17e6162e4
250a703bc6adb071b9a210db589ffea72790c05b
657b2853e41560852dd82554361474e77f3e8b6d243d8fb1bdae41ac6e06655d
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x283524.top%2Fus%2Fregistration HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?type=fast
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188; _ga_7JGWL9SV66=GS1.1.1663603864.1.1.1663603864.0.0.0; _ga=GA1.2.654182844.1663603864; _gid=GA1.2.132619008.1663603864
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/vnd.api+json
content-length: 119
cache-control: max-age=300, private
server-timing: p;dur=115, dt_285;dur=119
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/img/country.c75dc37b.svg
8.248.224.22200 OK 52 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/img/country.c75dc37b.svg
IP 8.248.224.22:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ebf5fd26e0f8a0fdf627acb3c6dc231c
b870a6da1a14957c3d61567702b2db5267f6e930
7b6b29a932b575d6227bda78ca716dcee68c14d389180420cff4a3bc418c8815
GET /_nuxt/desktop/default/img/country.c75dc37b.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: image/svg+xml
content-length: 52442
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63247836-26132"
expires: Tue, 20 Sep 2022 09:00:16 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25876
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 56433b6932f28a949ac82fec1caa9e99
017c5a1ccc0f6e68fd60a9d0658c0526b81b4156
a6fe9208db3d30b3a81378a59aa588480ab2080c33f1d0921752c2dfdc76d1fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash dda77a44a7f9eeb9bd828f659ccb7e22
9af43f88835600fd3206e4f18b0c1c2571a3959c
c8effed6366a20b26e104fc4f64d24213eb357d61e7683e28f812d0c21edd044
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=654182844.1663603864&jid=330318542&gjid=707892180&_gid=132619008.1663603864&_u=aCDAAUACQAAAAC~&z=2062401208
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=654182844.1663603864&jid=330318542&gjid=707892180&_gid=132619008.1663603864&_u=aCDAAUACQAAAAC~&z=2062401208
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=654182844.1663603864&jid=330318542&gjid=707892180&_gid=132619008.1663603864&_u=aCDAAUACQAAAAC~&z=2062401208 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lite-1x283524.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 16:11:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oe9e0&_p=1410998500&cid=654182844.1663603864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663603864&sct=1&seg=0&dl=https%3A%2F%2Flite-1x283524.top%2Fus%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Dipunm63289490000c5397&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=2oe9e0&_p=1410998500&cid=654182844.1663603864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663603864&sct=1&seg=0&dl=https%3A%2F%2Flite-1x283524.top%2Fus%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Dipunm63289490000c5397&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=2oe9e0&_p=1410998500&cid=654182844.1663603864&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663603864&sct=1&seg=0&dl=https%3A%2F%2Flite-1x283524.top%2Fus%2Fregistration%3Ftag%3Dd_786679m_1599c_%26site%3D786679%26ad%3D1599%26r%3Dregistration%252F%26pb%3D883e8b8ae12b41f9b9ffc473f4a9ab84%26click_id%3Dipunm63289490000c5397&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lite-1x283524.top
date: Mon, 19 Sep 2022 16:11:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/g/9d503e9f2dc6f764d6596a960473998bb32d4d67
178.253.49.6200 OK 2 B URL HTTP/2 lite-1x283524.top/web-api/g/9d503e9f2dc6f764d6596a960473998bb32d4d67
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/9d503e9f2dc6f764d6596a960473998bb32d4d67 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x283524.top/us/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x283524.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188; _ga_7JGWL9SV66=GS1.1.1663603864.1.1.1663603864.0.0.0; _ga=GA1.2.654182844.1663603864; _gid=GA1.2.132619008.1663603864; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:24 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: p;dur=34, dt_285;dur=36
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d9fd171b51b27aa84e06e7d5a40116e
a81660dcace8f232018ce9a6d027b271d1f8a863
2c80ffd2c0c451c61623a677d1b17e8e58a40a0a7bdb5ef1cac2610bb0a7e0a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc97d270b-72af-4a6b-ae64-123f7b52851e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: 8af37b3f-bacb-4f13-a539-0a8a1e2c7fe8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrN_VHdooAMF8cQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63279061-083f90a5264568d85ce86e5a;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:40:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tPeWvkV7t7BSrnTA0G2Sf_KmuH5M4azBRhaeNuuaeiOW7zB4RhM_mw==
via: 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:50 GMT
age: 65978
etag: "a81660dcace8f232018ce9a6d027b271d1f8a863"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x283524.top/translation-api/by-lang/us
178.253.49.6200 OK 0 B URL HTTP/2 lite-1x283524.top/translation-api/by-lang/us
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188; _ga_7JGWL9SV66=GS1.1.1663603864.1.0.1663603864.0.0.0; _ga=GA1.1.654182844.1663603864
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/registration/fields
178.253.49.6200 OK 0 B URL HTTP/2 lite-1x283524.top/web-api/registration/fields
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/registration/fields HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 19
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1663621659; ggru=188; _ga_7JGWL9SV66=GS1.1.1663603864.1.0.1663603864.0.0.0; _ga=GA1.1.654182844.1663603864
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=69
set-cookie: is_rtl=1; expires=Tue, 19-Sep-2023 16:11:23 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
suphelper.com/widget/injector.js
104.16.43.72200 OK 0 B URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 16:11:25 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-c23ebb3e-55ba-4a53-bad2-fcf25491af5e' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 09 Sep 2022 16:12:09 GMT
etag: W/"28d83-1832305d7a8"
vary: Accept-Encoding
cf-cache-status: HIT
age: 260
server: cloudflare
cf-ray: 74d398d9ed5a95de-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lite-1x283524.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
178.253.49.6302 Found 0 B URL HTTP/2 lite-1x283524.top/registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /registration/?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 16:11:19 GMT
location: /US/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=74
x-frame-options: SAMEORIGIN
x-reason: empty_lang
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 22 Sep 2022 16:11:19 GMT
auid=sv0xBmMolKcl6QJoBAVtAg==; expires=Tue, 19-Sep-23 16:11:19 GMT; path=/
X-Firefox-Spdy: h2
lite-1x283524.top/US/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
178.253.49.6301 Moved Permanently 0 B URL HTTP/2 lite-1x283524.top/US/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /US/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 16:11:20 GMT
location: /us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
server-timing: total;dur=224;desc="Nuxt Server Time", dt_285;dur=226
set-cookie: SESSION=21c0da870c58f164f7477e560a7c7a8f; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
vary: User-Agent
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
178.253.49.6200 OK 0 B URL HTTP/2 lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration/&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:20 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=251;desc="Nuxt Server Time", dt_285;dur=263
set-cookie: lng=us; Path=/
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/registration
178.253.49.6200 OK 0 B URL HTTP/2 lite-1x283524.top/web-api/registration
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/registration HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/us/registration?tag=d_786679m_1599c_&site=786679&ad=1599&r=registration%2F&pb=883e8b8ae12b41f9b9ffc473f4a9ab84&click_id=ipunm63289490000c5397
Cookie: platform_type=desktop; auid=sv0xBmMolKcl6QJoBAVtAg==; SESSION=21c0da870c58f164f7477e560a7c7a8f; lng=us; tzo=0; window_width=1280; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_786679m_1599c_%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_786679m_1599c_; postback_watcher=%7B%22tag%22%3A%22d_786679m_1599c_%22%2C%22site%22%3A%22786679%22%2C%22ad%22%3A%221599%22%2C%22r%22%3A%22registration%2F%22%2C%22pb%22%3A%22883e8b8ae12b41f9b9ffc473f4a9ab84%22%2C%22click_id%22%3A%22ipunm63289490000c5397%22%7D; che_g=8dc47834-285b-41f1-698f-db9896417004
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 16:11:23 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=55
set-cookie: is_rtl=1; expires=Tue, 19-Sep-2023 16:11:23 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Mon, 26-Sep-2022 16:11:23 GMT; Max-Age=604800; path=/
v3fr=1; expires=Thu, 22-Sep-2022 16:11:23 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2