lite-1x36781678.top/ar
178.253.14.166 301 Moved Permanently 162 B IP 178.253.14.166:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 03 Dec 2022 08:46:55 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://lite-1x36781678.top/ar
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16255
Expires: Sat, 03 Dec 2022 13:17:50 GMT
Date: Sat, 03 Dec 2022 08:46:55 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4497
Cache-Control: max-age=97157
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:55 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 11:46:12 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 08:18:14 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1721
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5174
Expires: Sat, 03 Dec 2022 10:13:09 GMT
Date: Sat, 03 Dec 2022 08:46:55 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: lgrc+Y/fTGyhRaenk6cv9PvUY2vxgufscumQKDzY6mTitHx7srqSjws0QfAsQuuqWDELZeS9r2w=
x-amz-request-id: C094NNJQ5JZ0PZ8X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 08:46:30 GMT
age: 25
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 002be102dd57b317506b54febc9d7113
92f2230c7d738562a77926d0545f5f38c9d00432
c283d3b81594fa9b1108275afdc01e85369d7925704bb2b9836d03cc6a70b478
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C283D3B81594FA9B1108275AFDC01E85369D7925704BB2B9836D03CC6A70B478"
Last-Modified: Thu, 01 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8030
Expires: Sat, 03 Dec 2022 11:00:45 GMT
Date: Sat, 03 Dec 2022 08:46:55 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:55 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 08:11:17 GMT
cache-control: public,max-age=3600
age: 2139
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4491
Cache-Control: max-age=92089
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:56 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:21:45 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.114.252 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.114.252:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: m1omrLRT1mfyE/DHLHkG3Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7eej2tWUAtYQivvJzp1pE0cFDvc=
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106 200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash f46425aabc0b446c40b94f6495d0f3c7
0a55199e11abc90d702ea3a61cf7f6c763641e7c
7a4da1c64f2d3f65dfb47d4d44b098f9d73bbd05adafaf1695d021e5cce4cd96
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 08:46:57 GMT
date: Sat, 03 Dec 2022 08:46:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 08:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=410764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b08eb0decb4eb-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 08:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=410764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b08eb0ab5b51d-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 08:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=410764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b08eb08711c16-OSL
v3.traincdn.com/_nuxt/desktop/default/44d57e53.modern.js
8.254.252.212 200 OK 6.9 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/44d57e53.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (18205), with no line terminators
Hash 8185f954c5f73d6c942c9b269e7b2340
81d999441d22cea048ff685620a5474327774980
3c44397f3204eb3648c2427907f3653517aa3bc4a3f12aafa39b886f111dbbef
GET /_nuxt/desktop/default/44d57e53.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 6932
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-1b14"
expires: Sat, 03 Dec 2022 21:38:06 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40164
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.212 200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sat, 03 Dec 2022 08:40:12 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 525
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/c65cdfde.modern.js
8.254.252.212 200 OK 537 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/c65cdfde.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 537 kB (537406 bytes)
Hash d885418e5feb49703219f8b090c8b385
ffc033b3b9b9972ecc056092ff45ea86b4cc2998
4c8e45e7fdce30f116b665548c628de7fb8e6dcc9c23de90b3a82936c64a4cb7
GET /_nuxt/desktop/default/c65cdfde.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 537406
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-8333e"
expires: Sat, 03 Dec 2022 21:37:50 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40164
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/version.json
8.254.252.212 200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.254.252.212:0
Hash ed405bbf6ee4f6210a18b08ea3230870
e3a062371a066f37afcdf237fd74750b142994c3
9d49e4f31b239f57b7f518a18af5890bf1a3d81d09b7d68d0f7738837f24efae
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "638a6964-2c"
expires: Sat, 03 Dec 2022 08:47:29 GMT
last-modified: Fri, 02 Dec 2022 21:08:52 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 28
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/004b31a6.css
8.254.252.212 200 OK 85 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/004b31a6.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb4b44dbbd682acfdbd3f81901a18463
70dd14195194f23184e1e248b5c6ada95d76e8b7
016c93e57b040d693db2bc17eb2bd5a97a81332f3510a19f2a46a6c75c2eacd7
GET /_nuxt/desktop/default/css/004b31a6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: text/css
content-length: 84782
cache-control: max-age=86400
content-encoding: gzip
etag: "638a4e5d-14b2e"
expires: Sat, 03 Dec 2022 19:56:01 GMT
last-modified: Fri, 02 Dec 2022 19:13:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 46256
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 08:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=410764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b08eb2f6d0b61-OSL
v3.traincdn.com/_nuxt/desktop/default/abc097e2.modern.js
8.254.252.212 200 OK 661 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/abc097e2.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65479)
Size 661 kB (661016 bytes)
Hash 91f63441980cb12df06324938deecb7e
5e4b4398a6e599b748703801ec7b5c3346301e25
9fb6d6af3487db55f3d291302c1223f6feea01b6ac23b14e851e851f2ec1bb55
GET /_nuxt/desktop/default/abc097e2.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 661016
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-a1618"
expires: Sat, 03 Dec 2022 21:37:50 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40164
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/fd164971.css
8.254.252.212 200 OK 49 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/fd164971.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9037fc3ca903985352353cc393afdac7
17dad87b5533b63a119de29045ef18b61d46d774
c8f3a87e800627faad7ca4476b75009828243fbb152928549a00fe95b70bc444
GET /_nuxt/desktop/default/css/fd164971.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: text/css
content-length: 48612
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f4-bde4"
expires: Sat, 03 Dec 2022 13:12:53 GMT
last-modified: Fri, 02 Dec 2022 07:27:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70446
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 08:46:57 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=410764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773b08eb09b61bfe-OSL
v3.traincdn.com/_nuxt/desktop/default/f3792112.modern.js
8.254.252.212 200 OK 93 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/f3792112.modern.js
IP 8.254.252.212:0
File type Algol 68 source text; Pascal source, Unicode text, UTF-8 text, with very long lines (65466)
Hash 1c242f1216e4a5867872909457c381cf
a474f3517f3c456cd27215ecc4d4240e301b5964
e62846731ef883bef79a99c90f70c46bd2584d38f1c29f95fa4ebc752ff7168a
GET /_nuxt/desktop/default/f3792112.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: application/javascript; charset=utf-8
content-length: 93423
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-16cef"
expires: Sat, 03 Dec 2022 21:37:56 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40164
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8872
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 08:46:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8872
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 08:46:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8872
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 08:46:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8872
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 08:46:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8872
Expires: Sat, 03 Dec 2022 11:14:50 GMT
Date: Sat, 03 Dec 2022 08:46:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ffa12df550123f63b20f67437cd8a04
398fd2d837c73f54c4591b69cd683f29bdf9184a
fd9ac4396488098923c27531295e64475047dd008a901e59915109a73a69f305
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F652bfe35-9b09-4fba-b7b5-c6bd90cccdbe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6119
x-amzn-requestid: cac5842e-2b57-4eda-9b09-27ec8a0b1bf8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMiE7Hq0oAMFzHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381b085-151f123551f999a918de8a3a;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 06:21:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: mrS561ug59NStQyD3cH4ndqGvY3QiLVeMFOoC86ktj52PghNjeYa5w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 20:55:39 GMT
age: 42679
etag: "398fd2d837c73f54c4591b69cd683f29bdf9184a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 13490
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 436b46a2eea584bd8ec1dba5603c8659
fed437d1919af63f9d58396f318568aadae3d868
fff21dd129f35807bfc29c6582661a79e764238076e540968b57fcad18811566
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59297fb7-bcb3-48eb-83b5-7d264b21c3db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8016
x-amzn-requestid: bfb5f288-4467-467a-9b30-1055a4e6bc54
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZPeE4nIAMFvnQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2f-53a5a66704157f4e003ecfa4;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:35 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lUqXgbpEaZh9DO_rv0K5pzHUAF1DsASkKYNTU6t5AUWZjHNV9LRojA==
via: 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:05 GMT
age: 38753
etag: "fed437d1919af63f9d58396f318568aadae3d868"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcdb77a21f91a4a280ac9a8efbc48bbd
74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d
5ee7c45f21b38c653d03a24b10a190a9e9266226d221b006e787cd3719088d7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5e765102-d7b9-4765-a166-db04ae6113bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11233
x-amzn-requestid: 89afb72e-6967-47d0-a0ad-48cad8cd08e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIpgOEi0oAMFstg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638022ce-1e8087e734e71d611df75830;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 02:05:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: d9wLy3xAxK6RiYf25v_GFT1gdezT8IzMxaFyGRuGm2nxOBh6uEOg3w==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 22:01:29 GMT
age: 38729
etag: "74c974eaf1cbdf6c5ae11793e42caf4c4e4cb25d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 249aec334460c66dc88b9e8def4e48df
f86d1d278ba5b24587b10519b1b30d75044efd97
b083151804ced0533a5b33302ef110b50ddc4bf653de0fb8f6c7711f4bc29fe2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e545217-31b4-442a-abef-bcaaffcd0407.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9449
x-amzn-requestid: c21c52f9-d971-46d9-b632-0439a0e23da4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZkxHKbIAMFxkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6fb7-2b8cc0982af568626f4a4bbf;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:35:51 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XFIpOllaPcRJOsgZI2EVDyFv-Doz62OcY6gxFlejoXxdeVGya-PNFg==
via: 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:53:26 GMT
age: 39212
etag: "f86d1d278ba5b24587b10519b1b30d75044efd97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 39352
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 220384
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 220382
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 220363
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x36781678.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.14.166 200 OK 352 B URL HTTP/2 lite-1x36781678.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.14.166:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:58 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1670057217012
178.253.14.166 200 OK 145 B URL HTTP/2 lite-1x36781678.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1670057217012
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1670057217012 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:59 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/pwa
178.253.14.166 200 OK 15 B IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x36781678.top/ar
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:59 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/2def7320.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/2def7320.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (2510), with no line terminators
Hash 650c4387c576a49c8e72233a905ee153
8a74f319540212c618be068e1884552e4d052589
3eef49989597d040e2e026e4586a4471f9e3144c86787931df3a1eefddf76fbf
GET /_nuxt/desktop/default/2def7320.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:46:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-43a"
expires: Sat, 03 Dec 2022 21:38:09 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40158
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/version.json?timestamp=1670057217168
178.253.14.166 200 OK 44 B URL HTTP/2 lite-1x36781678.top/version.json?timestamp=1670057217168
IP 178.253.14.166:0
Hash ed405bbf6ee4f6210a18b08ea3230870
e3a062371a066f37afcdf237fd74750b142994c3
9d49e4f31b239f57b7f518a18af5890bf1a3d81d09b7d68d0f7738837f24efae
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1670057217168 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:59 GMT
content-type: application/json
content-length: 44
last-modified: Fri, 02 Dec 2022 21:08:52 GMT
vary: Accept-Encoding
etag: "638a6964-2c"
content-encoding: gzip
expires: Sat, 03 Dec 2022 08:47:59 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
172.217.21.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 172.217.21.168:0
File type ASCII text, with very long lines (1921)
Hash 91e430a34e3f567f09242577bf6191a5
ca9258839d973b2b7a1575010aeab4c839923dca
b45da40821a122b6426a165a13989feaddd566a72924726d2adcdeed8bbd7f8d
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 08:46:59 GMT
expires: Sat, 03 Dec 2022 08:46:59 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:46:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5 200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 08:46:59 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Sat, 17 Dec 2022 08:46:59 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
v3.traincdn.com/_nuxt/desktop/default/21ece11e.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/21ece11e.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (2873), with no line terminators
Hash aabd868484f45895d74781763e30220a
fa5220d9f0aa0f9296a64a3e1207fe3542ec5524
fe03a5569f750cbe172a094c3fc20b3add1159f6ea323d394e3a7d05e3c383e2
GET /_nuxt/desktop/default/21ece11e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 1116
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-45c"
expires: Sat, 03 Dec 2022 21:38:48 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (18547), with no line terminators
Hash bf0141dad055be1ff98e7c158658abfd
ab905d22b79433ee62ddd369b4d30b29ce1c5730
b1b138e72702742587f5ef8665f5d435b1f638a7bcd534e0e71823fb547b6b66
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-4873"
expires: Sat, 03 Dec 2022 23:50:41 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/21361.png
178.253.14.166 200 OK 6.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/21361.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b45b3ca3cf3c0b9ab9297da86a0a8f1
0bebc0a8c6d4fd30eeb9e2913d20292653b26ec7
fa1e9960400382fe72c4991e1bc122f62854ea33c9ba537edc56a93da94af650
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/21361.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 6225
x-amz-id-2: ltimB6TvY1yRo6H05TOD8o1UxCrDjl9WpufKXN2HuIZ3ECsvQ0I80mhNKEIFZUi4Mm6gVfXK8/fJuwSg+WSctw==
x-amz-request-id: 8H2ATHTZHEFXPGT5
last-modified: Tue, 13 Aug 2019 14:58:45 GMT
etag: "7b45b3ca3cf3c0b9ab9297da86a0a8f1"
x-amz-version-id: 1WucjePzbGsI8buTa3KHv5Zg0WaYhAfT
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/country-200061.svg
178.253.14.166 200 OK 57 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/country-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a33e9a07c2c1e594a9da9367ba50b9a8
28a9372927293ff6eb9e99a6460c7f22573e2fed
135ee429ed4df7467e6f748ab3bcbb352682a8130ea0e92285738c3f7b6087cf
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/country-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-26132"
expires: Sun, 04 Dec 2022 04:16:37 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/common-200061.svg
178.253.14.166 200 OK 58 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/common-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash ce0a994a171f887311b4186989d80db4
164c61843388dc0c278e224d0c6af5adc5d894ae
7d93c71450b6528e688d58e09cb700d11cfb6d2d463aa5d1fa79d078119dfc9f
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/common-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-19794"
expires: Sat, 03 Dec 2022 23:50:41 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/72bdda18fbbc5f9e298321b21146f1c4.png
178.253.14.166 200 OK 33 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/72bdda18fbbc5f9e298321b21146f1c4.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 151a95ebd9db510cfab582f7c514eb1f
45402159cff31628d221af954640fec986e23188
4d91cc032b6098a9aef029858051ed7690405ba1b3e322dad268995dfc177e1b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/72bdda18fbbc5f9e298321b21146f1c4.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png, image/jpeg
content-length: 32889
x-amz-id-2: f0vtRGHB0TGFLrkTfryNWNxK8JX5yotBLum6RVEqUtP6WwpQ56ft/6NZjKm3oAvaG4+A0u/OeEutkQZ1UhIn6w==
x-amz-request-id: N3CXXC5SYFTTFJGB
last-modified: Sat, 18 Jan 2020 20:53:43 GMT
etag: "151a95ebd9db510cfab582f7c514eb1f"
x-amz-version-id: goKvhIqMe3y_1VtM_e2TKv48GWmVzLxg
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/76b4f1b22c728facd8a8dcd85c92050b.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/76b4f1b22c728facd8a8dcd85c92050b.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f0ce395b3187ee422231821cf474dd75
cee0238deef3d43b9772bc2dd86ffa1ffb24b487
258c7e2af41e226d7925f6db81fb5b8477a668e9692a5ef8c7984e141e26063b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/76b4f1b22c728facd8a8dcd85c92050b.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 11355
x-amz-id-2: Sa0O8YJ1xYynsdKOdYseeH6XKD7d4L/NY08kr1HFKyUlmjU5v2s62LxbFFG4bEowPm4QVr+iIO4kPC4DcJlf4A==
x-amz-request-id: N3CGHYTJJNNA25EV
last-modified: Wed, 27 Oct 2021 10:13:17 GMT
etag: "f0ce395b3187ee422231821cf474dd75"
x-amz-version-id: hU8_LdITcXfuh44BcnjvtewYXyt9CbiB
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/7936.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/7936.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3446368b58f39da8c19e7c431ec4b4aa
a6e7bd90bb1e3f79e64d35fd4b1d31d74fc7ddac
c27e9df09ee11ed1e75789422ad65efb8a5268019b32eca09c65cad13689c565
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/7936.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 14676
x-amz-id-2: +5vrWqAIa20gvlr3GJXNhNtviBEO32xYUgyY8WTJR6pL9z9GYVJY+snKqlA0S0QwYf6A7giFfXKAeRvjCTMP+A==
x-amz-request-id: N3CQ5JC8D6JKBAAK
last-modified: Tue, 13 Aug 2019 15:11:32 GMT
etag: "3446368b58f39da8c19e7c431ec4b4aa"
x-amz-version-id: jhgKO_js_.HPiLTDaQqWjK.DdMQIW8Yr
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/ff9dcd892717b2166ba546b24f919c5f.png
178.253.14.166 200 OK 4.7 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/ff9dcd892717b2166ba546b24f919c5f.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f4476479a5e4669bd63d348a5a7c4300
ef2a90546c442e1e14df71db693cae321a579aa9
1b2dd2c586838bbdfa1ce7d6aa819a4e2b05675d4eddfa83c1c3a3eb832187f3
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/ff9dcd892717b2166ba546b24f919c5f.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 4686
x-amz-id-2: bxxF1ICRIgWjuPJlFOmOudKR1dR7m75HzPqNdQmw+wJedrHlIsiDuLmwuQF5fWgXPaRtGjSdn5Fy8OZYKFXiAg==
x-amz-request-id: N3CS7MBGX90A72RB
last-modified: Sat, 22 Oct 2022 07:00:50 GMT
etag: "f4476479a5e4669bd63d348a5a7c4300"
x-amz-version-id: 8HfPZuWF_oWAH2sHdYLmgTVeTNPOfP3E
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/99b7312fc9fe6f4bf947ec17473d0414.png
178.253.14.166 200 OK 18 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/99b7312fc9fe6f4bf947ec17473d0414.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 99b7312fc9fe6f4bf947ec17473d0414
d75dd7da6c39add6b9e1055b226c920170d94374
8102fb62d4dfbb63141fc69e384a848be92b6ac5ba3f815bb116c6f2a62b868c
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/99b7312fc9fe6f4bf947ec17473d0414.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png, image/jpeg
content-length: 17597
x-amz-id-2: sVb+W9vMTdwHokHjkXt1XVm+ABJAh/JcXF0/LJn6uSv/2NLpRZWIi7w9M+lL/X0bxIA8PXgP10f9MUkls0qZyQ==
x-amz-request-id: N3CQYGS6T5J3AF92
last-modified: Tue, 26 Nov 2019 12:34:45 GMT
etag: "99b7312fc9fe6f4bf947ec17473d0414"
x-amz-version-id: cv3D5CpcX41y2UOZrJYMtYU_RbSLk1ov
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/24b5f38b7855d38e6d995c65d25ab1bb.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/24b5f38b7855d38e6d995c65d25ab1bb.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e5d193c02fffcd66898c33370d083dbe
2ac1afa984b22e7acc404d888ecc7c0175b54878
769b223e7e21d7943ffa31604860757a9d5ecf1ea64270713e61efb99d58a38a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/24b5f38b7855d38e6d995c65d25ab1bb.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 15022
x-amz-id-2: kkNuXPxwK/8OG9wDPHsYXPk3zNJYP3zIY/mUMqT/03c/K7VWkXlQvbMpzqUEvVs/VNWzd4JUSfoQToTZcGQoxw==
x-amz-request-id: N3CH9QWSB67914DE
last-modified: Wed, 08 Dec 2021 07:17:24 GMT
etag: "e5d193c02fffcd66898c33370d083dbe"
x-amz-version-id: cZfAz_SyAGnVJrCO1j1C4sIV7iS2grZ_
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/56f351cc827ae02b5cd99041d5aa04ae.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/56f351cc827ae02b5cd99041d5aa04ae.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 51a207368396ad997049178a83e37977
b5a2b045fdce9d2cf164ed7bfdeaa74f531c1a73
14ba9db320f60f481c77cb773cde9ab3ef272d8fd1780d370165c452211344a9
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/56f351cc827ae02b5cd99041d5aa04ae.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 18931
x-amz-id-2: MSFls/3Hn3/ykpdINCJ9yuf4SiC276usVHDItWOhvwF7hMwWUt05dgIE+1l8HRB5xLZRezk1B996DZCAt+gEqg==
x-amz-request-id: N3CSCJ0V98Q1DT7Z
last-modified: Sun, 25 Jul 2021 09:20:23 GMT
etag: "51a207368396ad997049178a83e37977"
x-amz-version-id: swbzdVvyjJ5rNtQEej9wGDw7rdJGFZ5m
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/b2149289de28547500570ee22bf71136.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/b2149289de28547500570ee22bf71136.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ded5c88a47a26597cdafc5a1018f587
a82197892b63a35f1acb1b3084fcfd23b851f718
d93438fac392301c2899a17e6a8b761f193e83feeabe32e554c2b82bc5e1f8de
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/b2149289de28547500570ee22bf71136.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 15348
x-amz-id-2: aJq+YgpvQuhb1C3q6jGePFWCPjjALKuh3JJNNFcMxwt4XcMMfqKvHwnd5wmJppxs96ZRpjehnQVxq8sYzQyBPQ==
x-amz-request-id: N3CGNZHBDCD1M932
last-modified: Thu, 15 Apr 2021 10:31:58 GMT
etag: "3ded5c88a47a26597cdafc5a1018f587"
x-amz-version-id: px8iVAKbrHcgLr3vo_rd15qXkrgpecSk
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/d2f3aa6a16b261d70c3da3e50c293fd9.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/d2f3aa6a16b261d70c3da3e50c293fd9.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 93fa2015f1ef3ed3df7e2c49e2f46be1
c973545cd78ba39cef0a33b94211daf6b7604dc0
d5d2f9c76bfdcad7962f2cde5aa9c226ca7ed9321ff1f2e2e43824902a352aed
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/d2f3aa6a16b261d70c3da3e50c293fd9.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 11336
x-amz-id-2: H1Ch/D8NGXqFfbrEdhTcFFzLiox/DVyco0+eIVkwC/OFtp6vkrIeKB1nLG9YyiPnJIXPFa9bhT/S+bo26ZlHRg==
x-amz-request-id: XQ6034A3AWJF3Z6H
last-modified: Sun, 03 Oct 2021 17:46:26 GMT
etag: "93fa2015f1ef3ed3df7e2c49e2f46be1"
x-amz-version-id: hfBvkRn0_fZYkS0_77ztldReQfu9WL3f
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/d280bf71aa8d174f6b5247f633d48213.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/d280bf71aa8d174f6b5247f633d48213.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b198599b90a26607c30ae77efe8b672d
7897a7c1b3be8bc0d43fbe7750bd03213270cbad
ea215df9d4b75460c567dc596748528f1de17927b8922a1636a2accaa26734b7
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/d280bf71aa8d174f6b5247f633d48213.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 14662
x-amz-id-2: w4ZbymNfWbtzDhD/i535fYvVrqJtzv2Z+k9IfBIxnsqTDlqmTVewZL4sZYQwXzeYSlboz/fGpMKQT7lAZnTRRA==
x-amz-request-id: 289XBZPDK2F0F717
last-modified: Fri, 04 Nov 2022 10:10:00 GMT
etag: "b198599b90a26607c30ae77efe8b672d"
x-amz-version-id: hisimGuRu08k8f_plUBP.3ldOUMa2wfw
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/415599.png
178.253.14.166 200 OK 17 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/415599.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ad0df00b327c2529568d582593533afd
5aa7375248e4548d153b5964f5788a4c829911db
ce066caf6c1dbc03550819a0dd1b351dcc30aa8ca316d91130f47c5f339f6b7f
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/415599.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 16786
x-amz-id-2: i79mJxLRUruNz4tzKOutyocIEYoAE2uknuxD2OSYn0YYhcEPBpn2VUYteq/wQ3BT0CCyGB9LY0vOHYpG84xEgQ==
x-amz-request-id: W0BTFN5RCJTDZS08
last-modified: Tue, 13 Aug 2019 15:06:05 GMT
etag: "ad0df00b327c2529568d582593533afd"
x-amz-version-id: pegML40jbXtaEyL35deKQQDFzDfv00OW
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/267805d9e52f3bc174ff3cfab6318d32.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/267805d9e52f3bc174ff3cfab6318d32.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cc94194249076d1ab393e021b3211aeb
f0ddc88defc7e6e0da44ab62bbe15602014887a7
e73423d20e0f040741a0b30fa21551dde4e41721c156addd3f4f99032aac71d9
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/267805d9e52f3bc174ff3cfab6318d32.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png, image/jpeg
content-length: 14088
x-amz-id-2: tNDA3mKRVcFlOgSkxrAc+HNfNQrR2g8iWJsiVVQt4Jowj1xPYWUoDdL+6m+kR82+cqIoreBnZq07XvfMIeZnJQ==
x-amz-request-id: W0BJAJ10S3WH16J0
last-modified: Sun, 01 Mar 2020 03:56:40 GMT
etag: "cc94194249076d1ab393e021b3211aeb"
x-amz-version-id: qqV5v.duvlfiXWeWsg_ApI1q2K4ZO.An
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/2982.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/2982.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 03530746658f38452bbd367847e9ced0
e4e3600a2d66797d29323c29e59d2b6e128337af
0ea3796c3dab16c17f8fbca40dd86f817b28d8f8daf06b44c1809b944283b271
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/2982.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 12959
x-amz-id-2: dI8WVdj+3zh9U+HqUEvP/KHUkdvGgA27Tg+MfP7nCTzSeDwD9fcCZ23qWWKrFgjzOtpK6xKrbSt2G7gTZpcDgA==
x-amz-request-id: W0BSJ4Z6PZ6NZQP9
last-modified: Tue, 13 Aug 2019 15:03:56 GMT
etag: "03530746658f38452bbd367847e9ced0"
x-amz-version-id: _CJlWy1Tc7Ffm9SPXgsAI_LtOs6DVzeJ
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/2992.png
178.253.14.166 200 OK 22 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/2992.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 602f6feb57238a179f18418afd95dea4
850dd6fc1b7522807f1509b5c7fb56b94959f906
28004d3e1ffa62e2137a10a0482560efe3aa376b3d698db44a1ce40a40c4d557
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/2992.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 21994
x-amz-id-2: 2UWfEz/G3ETwSfB766T/SdSi+N4sCu+LTY8hgyAXSel1wWQ6Kw3x712MyBaMQK9fphlRvfDcmFLIsSi8lcMQuw==
x-amz-request-id: W0BSE7WM42MBEKZT
last-modified: Tue, 13 Aug 2019 15:03:57 GMT
etag: "602f6feb57238a179f18418afd95dea4"
x-amz-version-id: 2ovEiXq_Nk6ish09eh6oYVHD4cNDGMtQ
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/36727.png
178.253.14.166 200 OK 8.8 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/36727.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 842ccc9438fb4a2d29b9b4985327b96e
06b40542c8e9ac64e6e49070502617b1652639c3
808c88b1066ce234d310f6b6bc59d9a9dcedff52af04d8e65f7f37d0e57c4abb
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/36727.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 8844
x-amz-id-2: vekb75PNhIGbi7MdnZbGoZtZK9SzsVP44eC+zpBTB5DJvPuK1MtzDnwY/kTjcbchw1UxdK7q+kUPbZOI45W4NQ==
x-amz-request-id: CRTP0335QBXBTVP2
last-modified: Tue, 13 Aug 2019 15:05:14 GMT
etag: "842ccc9438fb4a2d29b9b4985327b96e"
x-amz-version-id: .gPNfdJlR1dWE_s6gXGc7d_R7W2G1_Dm
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/864285.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/864285.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c68623906d990dc64dba996034c7db9c
b94273921a9bb06ec7f1d022d098c6a37a7ba1a4
63a9fa270cec4f25b043dbbc27f86c18050605da39cf55e76d9f253bfdd361fc
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/864285.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 19299
x-amz-id-2: P7BkmtG9T2ewcjHVv0I3fVoeplT03xo0dh/ihgrycSccou5qKVP6CH+vmNY4Js7eD4tppPI4qVc2rlsnFrEnrA==
x-amz-request-id: CRTNZHPXTVXF8TQX
last-modified: Tue, 13 Aug 2019 15:12:11 GMT
etag: "c68623906d990dc64dba996034c7db9c"
x-amz-version-id: 6QNIVCQ3Pwy8G.OxO6ykLCkqrBvJf3io
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png
178.253.14.166 200 OK 20 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 97b2806ac7b36e55677f0160e9874173
7ff9b27d1b07f84e5f3c76bffc3b75d67edd326a
a43e120f28ed038c7a5325de2021da2ba5262dfe89973475e99538e6badeedfa
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 19917
x-amz-id-2: D3qenSMEGamdbjanCb/jpe0or1ROGTk/KcaKsRpLAEgBS7crb0KFB0jQCjF7Yn4ogzZUwKLZQEfXMEl2ninZVA==
x-amz-request-id: N3CXZJ78MZN5BAK2
last-modified: Tue, 03 May 2022 12:14:47 GMT
etag: "97b2806ac7b36e55677f0160e9874173"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/13189.png
178.253.14.166 200 OK 8.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/13189.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1cee37350b938de1cea205ea2afc80
baaaf9d36a816544e76091ea4972d95a8085bf37
0a33309960f474e15d06b11b42748edaadb050c6eaa0082e3c198e2db5558074
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/13189.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 8473
x-amz-id-2: APuLqVYCibJ3OKdH++oibzSN6KgSudiyVe6OPOOkeWX/AHbtPkWzZWkcuQr390aO05szpU3FuS4T3eeaveaOfw==
x-amz-request-id: N3CJNGV9CSS57MN3
last-modified: Tue, 13 Aug 2019 14:52:59 GMT
etag: "ca1cee37350b938de1cea205ea2afc80"
x-amz-version-id: DFA67Gxap.29i5.OipceI.ZQUnbC2bd1
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 67b32fa4c7b3f0465ab74d987e5b370f
ee105f0e4fc2305d6bb3befff140634bb4c0fc4c
b7e6adef1e32937122a63ceb3cfc85beff4729b0f75c18f510f4e72fa8a349e4
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png, image/jpeg
content-length: 11883
x-amz-id-2: z2TMsSfRuDuiTiHelrOruX25Z9RWRSK1VXcygBOycYlr7MBwIJSaw+LclFK+z01ivAKjMGI+ZHijoXmbksISLQ==
x-amz-request-id: N3CM3MERM9P6FT3V
last-modified: Fri, 01 May 2020 14:24:22 GMT
etag: "67b32fa4c7b3f0465ab74d987e5b370f"
x-amz-version-id: I8TmmM1q4YHb6EMkH2z_qUgnw6k_Vuco
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12601.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12601.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cf0f619dd7329e71629341b471df0d70
22ea5772d8aa07884ec1ac1f2e24766392b07a6f
0725586b42b307c9d910d342414285b71df9391009d650b4302613323f73f6e4
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12601.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 10248
x-amz-id-2: 0TX19WMi2WgZshlGlYPLMX0rQISSeSPE5Xd9o4c8Qg2obzloRSfMb+Yij1Kc0i62Ud23HD4v5hVGHIZusy04AA==
x-amz-request-id: N3CW0NK7PF5AZPJ3
last-modified: Tue, 13 Aug 2019 14:52:37 GMT
etag: "cf0f619dd7329e71629341b471df0d70"
x-amz-version-id: bH4DUdwtrpD0R2GZ1NhSnA1AxTpq7U7R
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12759.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12759.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c33ff3cb0f246e67cd0ce669b6c153
93ffc0086a3bbcc577302ca0ed16b4a305018ee7
268bb3752bc873f4a26c4c13380b8ed2bab575ecffe2525385171dae177956ed
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12759.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 12817
x-amz-id-2: WM2R8hq3cK8VuecujXbRjF8E7WOu4XK8aeq+tKP+KarGd58XeFFpkWzCuUkw8/+KQAa1l6zDk9MsQMpdDvj2wg==
x-amz-request-id: N3CJD9BT6Y2PWVGP
last-modified: Tue, 13 Aug 2019 14:52:42 GMT
etag: "e9c33ff3cb0f246e67cd0ce669b6c153"
x-amz-version-id: pJWehdpggqBOeIKGR0FMKXUgNQv.lqnN
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/defaultlogo.png
178.253.14.166 200 OK 2.7 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/defaultlogo.png
IP 178.253.14.166:0
File type PNG image data, 55 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 72c91e676105dc1628e8a636554bfcfd
c0162ae779e4000be14b99e96981ff309a41b0ee
d10053f91feb4cd1a54f46fdcb8eb5193e4396a09e6341458edcf2f38ada718b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/defaultlogo.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 2713
x-amz-id-2: 2wtjbK/tFCn4ysz19CpvlY/gOdIGzN4of7HootzKx12VnoMc2LG0ORNd66LmepeL1XxA3CIWBWl6mw34ReOM+Q==
x-amz-request-id: N3CQS43P06W6JQJ5
last-modified: Tue, 13 Aug 2019 15:13:43 GMT
etag: "72c91e676105dc1628e8a636554bfcfd"
x-amz-version-id: ygHOXyYx_9gTcW50FeqErA8BsSDNEhuz
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png
178.253.14.166 200 OK 9.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 5485d3d456c67692f232d09ee2b7174e
fc044ce84c6c35519b35d2ddffafacfef03b77d3
039e59f716be6ff54f92df46ecdf8612b5a57414645a3127566dca04d2a7f045
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 9272
x-amz-id-2: r/rc/zAeVGZDxDDnHf9Oll0kT/51lx3HcGlH9JPp1U/ffK649kdtxO/aS0l178zfMQRAa5SDuJn97Wf3dhZbFA==
x-amz-request-id: N3CQZYG2PTHXC5WT
last-modified: Sun, 20 Dec 2020 20:37:10 GMT
etag: "5485d3d456c67692f232d09ee2b7174e"
x-amz-version-id: vCvUyrafL3Jc9uiN4uH_3QHQwiQNqehQ
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4498.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4498.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash eb37238a6dbf2020fbb70524ba9f715b
7539c57d4b8ee88d900b79a5a0ec84022911c0c1
5cfcbc6eefb356bf897ec73e9528656e234bb525ce1fd5f56a480d1eab2ec6f2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4498.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 13143
x-amz-id-2: A03bsx9gPREvbuwb0pFZqCr5acuumLusu8OVs/Bkg802TTBEqqC3/vRm3xIb2ZOD9iPxhWDWO0MJazVq72VXCQ==
x-amz-request-id: N3CWAJ8NWD35JFGD
last-modified: Tue, 13 Aug 2019 15:06:35 GMT
etag: "eb37238a6dbf2020fbb70524ba9f715b"
x-amz-version-id: 3itmjxQ.63FcDRUvVqWQCrA4Ii3VkoUV
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 45871f2cb4156b1689a46a438dc000ad
ca1c5ee172108bb6c5f3adc4d102c8cab803e4a8
4172f9ea650b24727dbae42c1675f44527651647a8a12262f1f835ab9fbdde60
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 14409
x-amz-id-2: iUghMPtI8/XBNmWooCrQVqHhJ94QvYTMkwmyFuZzfUnt9BbpE1Kpb+DXiQITTpVq12FY590d5bQedM+o8+//cQ==
x-amz-request-id: BD1AK6ZT9VKPP4PR
last-modified: Thu, 13 Oct 2022 12:40:42 GMT
etag: "45871f2cb4156b1689a46a438dc000ad"
x-amz-version-id: _mtpoqV8pKUujlkPreiED6tPZkTvWyvZ
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4496.png
178.253.14.166 200 OK 9.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4496.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b2e5cca786c945ac7f3c5583f74b177f
48d1835f189398c33d0c3a944366db9d3f9ca35f
a05482a22d4cbd7cb4a6caed9cba9187cc4fc0da7fe79897cab16800d39b7f45
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4496.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 9185
x-amz-id-2: 6iwZq0cbHqN5dDxKQdBOPUB6vL/uc3oYKeNE0L5dlezV9spB2APOHEHhZFiOGRyXbmGRXL0QXBhjqQy9aBxpXw==
x-amz-request-id: BD18DDNCDP28Z0KF
last-modified: Tue, 13 Aug 2019 15:06:35 GMT
etag: "b2e5cca786c945ac7f3c5583f74b177f"
x-amz-version-id: WNSAs9pSINesbs2x9dxJLs5pg8B.NQ6k
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/2004.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/2004.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2035a825e77f7f315449070415e9fb5d
41c9b42db39041c47be8fa43ae35607ef376b3b6
f83dc4adbfbd6228bcf4a25916064acbb61ee83fe976bbec492f3c05e88c1aea
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/2004.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 10717
x-amz-id-2: WxqRkNP9IbxQ/fTatjhH4sZKVKOaotjYbELZk3bxswQ2VG4kXL98wtFhaoUmfTGzS/ahKtrffxJ/VWRnbCgc8A==
x-amz-request-id: N3CSW852KXXC5RY6
last-modified: Tue, 13 Aug 2019 14:57:51 GMT
etag: "2035a825e77f7f315449070415e9fb5d"
x-amz-version-id: Tad3e3NR5CYVudhdRnSlijJl1jBqVvCu
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png
178.253.14.166 200 OK 9.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5883dabf21f44915373f76e66baae
11082e17e50b8d075bee400630901c195f7da70f
2ccdf946a70c73052c2290df10c4969d29363145b5f0e852371a89a4ab309cfc
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png, image/jpeg
content-length: 9895
x-amz-id-2: Jk/LuLxacAraSmGR50Na4641HaIoYvJyS4bMGcW9LFMaUUdBqr+IASf1zjfRaW19GYBAoQrIVapRp2Naud2atA==
x-amz-request-id: N3CTCMEYDHTE2AJC
last-modified: Mon, 23 Mar 2020 12:02:26 GMT
etag: "f3d5883dabf21f44915373f76e66baae"
x-amz-version-id: KA37Uu4RWjKftITCI3HWFtvVtmXtQ5RQ
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e8d3577f29263c4b081ec72664f025d
a062e14205c3f2146841d775b7da1c7b2d4fd9a7
59859bc14a8eee9cebc0affbb857e5757b7e962b9ffef3c7c8e21912aa825f86
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 12048
x-amz-id-2: 4rp49X9uqfYtSO/IobVkXIzWbxvjt380ZxVog7hlfuqv1Lgvn4atGsMUmGr/P7Hb53rw5NYkGXblmFlNyajpBQ==
x-amz-request-id: N3CVCQD7HC9S13YQ
last-modified: Tue, 13 Aug 2019 15:12:29 GMT
etag: "8e8d3577f29263c4b081ec72664f025d"
x-amz-version-id: KGBCve1kQP0llmq9x5fOINficAfv2QrL
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/sports-200061.svg
178.253.14.166 200 OK 146 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/sports-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size 146 kB (145581 bytes)
Hash f01638722fa9019ef26abd496a9e026d
2952ebed40a900e704d17331cab07c345b906216
8913d4982141fd48739b4b3dc072caec4c99b9543f8b3b2eacabbc2f6ec7c931
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/sports-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-52ce3"
expires: Sun, 04 Dec 2022 08:43:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11847.png
178.253.14.166 200 OK 4.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11847.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cdb663bb634488b4fc94d575fde2ed57
c4e74a35177b8390d8462079d9d907b3663cce7f
f2482d8a48a84b3f81751234540289704e60a8f60de2e945fb46c72a75979477
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11847.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 4922
x-amz-id-2: 0KJEZracCFAUFhEAhCwk06Ky3Iz3Wy1pol8sftTVlosT3SNKXN5HQzTnSF/jzjN2ra+9kOeeFP31GVLUsyVIgQ==
x-amz-request-id: N3CSF0W0Y9TRF8ZJ
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "cdb663bb634488b4fc94d575fde2ed57"
x-amz-version-id: Vl9uO5HSh5ELbrASIKHZgPuIh0xUdHSs
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3492.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3492.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e7a20e3b98c8d56f42ffca973bb32401
8cd71d473c55f85af7c82d47c1b28ff9b49b8fca
57f19e44e00b2c5df991b5db1953dd2655559a91c9a3ca9dcc9598eba9e7e4ff
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3492.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 12873
x-amz-id-2: RT8LxM4gLUMFchjdj+rZuHnTLrNTWpr9HapCF9P6Y4P94/LC4qhMCVZXC14E0M4ZZgphV0P1vndR2x1hmXm29g==
x-amz-request-id: N3CKEDNJ67V9K9XY
last-modified: Tue, 13 Aug 2019 15:04:53 GMT
etag: "e7a20e3b98c8d56f42ffca973bb32401"
x-amz-version-id: sYDQq_D04C4E_JXGR6NCLbio2VOnTjdf
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3516.png
178.253.14.166 200 OK 7.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3516.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 04a468b469dd980b8b7fc95f9d4829a9
3d7441884885973443110d5f8350796866873b7a
6f33506581fbcafc0bf02d08bce17fe3e08c6d05965c989d3b9288410fec2768
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3516.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 7464
x-amz-id-2: zy4KiDGvP+ffaI9y3dIPh4R8Tk1Z2eAkVZnKOcVq2DjxU4dIoPjgSNSkCEW2wU85942juhBKV2gIQAOxmFPNcA==
x-amz-request-id: N3CGJ5RZRAV03F64
last-modified: Tue, 13 Aug 2019 15:04:56 GMT
etag: "04a468b469dd980b8b7fc95f9d4829a9"
x-amz-version-id: rnEnSGtrYqLXujLVmNIeGbjsUzkTqQLD
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11869.png
178.253.14.166 200 OK 6.6 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11869.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f5f565bceba098ef06b6dc95dda47f8
6fcea9353aa1b914b5df1cd6e278ebc08766db9b
798409a983560cc962f6954d0dbbfb9ead2f68e53719d785afe9b9b2d90c12c0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11869.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 6578
x-amz-id-2: yUds0rb/bXCztxn0J8uz8NRiY7hwCE4lQbUwNCb5uRaxfRjIw5AWBkf2GFszV5+NsMoknp4NJeTTo6WQbFNHRQ==
x-amz-request-id: N3CHWSE9JJ0DS6GJ
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "6f5f565bceba098ef06b6dc95dda47f8"
x-amz-version-id: kmwx8UFGtLWdV0Fo7ClsA94RB.Eob87D
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/33421.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/33421.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d8f1289246627583edd18ab6f409e47
00b8cd65e503158a9246b718222a259eaa0267d2
8102d15f631d817da05e9767e384cb29ee44d79f9582742b51966c4b88a8fb3b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/33421.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 10981
x-amz-id-2: hDNfbQra+lgI1tzkfvfaPtrkK0xU+eurfPU71fa49dTOQfFGtb949eyU3uVDQp96DJCBT9fo4rCwQ4sNqhywww==
x-amz-request-id: NFYW2TDWYJ0MH9A3
last-modified: Tue, 13 Aug 2019 15:04:36 GMT
etag: "2d8f1289246627583edd18ab6f409e47"
x-amz-version-id: vsbJ3RTmuBgIXRcRBczfGdO5sA3az.kd
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11863.png
178.253.14.166 200 OK 18 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11863.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c34435ae849a7dc1751080f135901449
5df948ed267f9db3f4b5502a0f95218d1b17f1ae
7567a31a51ecd340de58489530e8a64caad07f0104aedec4f2305ae961c25111
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11863.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:00 GMT
content-type: image/png
content-length: 18134
x-amz-id-2: yF2cmIeHVs0lGUoKuwOju7Q/0budx2sMtjw9NBnox+RMmeJnwoq0n9WBpY7d5jusdLp4+asBPMAWYminWZQKBw==
x-amz-request-id: NFYJBFQ910B55HBX
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "c34435ae849a7dc1751080f135901449"
x-amz-version-id: KVDkuACZdhy6y40eD9XCHkHI9xisglWi
expires: Sun, 04 Dec 2022 08:47:00 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/4b3b02e4.modern.js
8.254.252.212 200 OK 8.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/4b3b02e4.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (35397), with no line terminators
Hash cd490d3c8bb2bcc71aee69710735cd40
76d4fad06e341911bf5942bb8c312384b105b8de
b60d9c35195d6ea7535afcd759f44b52ac0a14352568cdb6c93d798e500acded
GET /_nuxt/desktop/default/4b3b02e4.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 8438
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-20f6"
expires: Sat, 03 Dec 2022 21:38:01 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/27194e15.modern.js
8.254.252.212 200 OK 4.7 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/27194e15.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (16540), with no line terminators
Hash fe3b2ccf6792a07cfd1fe163eca6679b
2d7df5c3a76cb40df70ea916e8175f3e3ff6ee05
3d81396382145bd02d525c5e889ff2b1c66096379ef23ffd77c225abe7dfb74c
GET /_nuxt/desktop/default/27194e15.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 4731
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-127b"
expires: Sat, 03 Dec 2022 21:38:20 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2c231180.css
8.254.252.212 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/2c231180.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (4693), with no line terminators
Hash e2dd8ba86790ec6ee2d17db0378a4a0d
abc56372e11001323446f6c4e497fba43ae0313d
6889ee03cfee10d2c23b60c3277274c40e04c78d4b3401434aee6ca50cf11965
GET /_nuxt/desktop/default/css/2c231180.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 1205
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-4b5"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1069
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c42ea890.css
8.254.252.212 200 OK 1.0 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c42ea890.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (4394), with no line terminators
Hash 4a4d7eee11d2390f419b8718f928d10c
a4b3f529651602ae1156404a329917406dde3bd9
79a2e48343abaedca2867da8ef45610e41ae517ce2b2376037aafc21a7ae040c
GET /_nuxt/desktop/default/css/c42ea890.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 1004
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f3-3ec"
expires: Sat, 03 Dec 2022 13:38:03 GMT
last-modified: Fri, 02 Dec 2022 07:27:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 68950
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/14f509f8.modern.js
8.254.252.212 200 OK 5.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/14f509f8.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (17989), with no line terminators
Hash 660a06fd0ab25a872182e37207c5859e
015b1e9f67ebe3db151e1c34f5c10e5c736fedea
aa5d7c483b1ccf732f58f6b7d8719b46a20d4072e033738b25dd6208cbd4eb40
GET /_nuxt/desktop/default/14f509f8.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5574
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-15c6"
expires: Sat, 03 Dec 2022 21:38:48 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/79414b12.modern.js
8.254.252.212 200 OK 7.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/79414b12.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (27019), with no line terminators
Hash 35823b84ed69d2ffcd549eb49b278660
f84da9576c4049512f1c828c83f7173d9abe0c73
70a5294be01c263f48b659c156ba05fa51097d0e31ca1856046984d8592d5258
GET /_nuxt/desktop/default/79414b12.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 7249
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-1c51"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/9ecbbc89.modern.js
8.254.252.212 200 OK 17 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/9ecbbc89.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (41008), with NEL line terminators
Hash c7059ba25931abab08e0f4f9dd191e96
97dcbbd4701ae7c292e2c99d3c49d0baf71b979a
f11d846f156c06957ba0ad491aaf8ac495a13fb25b6d43a62bd81edb24afffb7
GET /_nuxt/desktop/default/9ecbbc89.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 16805
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-41a5"
expires: Sat, 03 Dec 2022 21:38:00 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/9b8abd5c.css
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/9b8abd5c.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (6523), with no line terminators
Hash 4f5e039c3fca8784e758f52f65a571c2
3819b34cdc360e27cf360deab04f1e0762482610
33712de5b3ae67ccebbe547fcbb6ba6a8ea399d35e9994142abc7ef7d5cdc502
GET /_nuxt/desktop/default/css/9b8abd5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 1111
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-457"
expires: Sun, 04 Dec 2022 08:29:12 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1070
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/88c23522.modern.js
8.254.252.212 200 OK 3.9 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/88c23522.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (17802), with no line terminators
Hash 36b3b62c1430470b288c527d538d5035
ef564c48bc363ed4db80f4e13bc95a4446eadef0
afe41cb99d8bdfd8e4d8ad554854a0ae68191305a56ae47c3116fbe951080775
GET /_nuxt/desktop/default/88c23522.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 3904
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-f40"
expires: Sat, 03 Dec 2022 21:38:09 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/d9c7b704.modern.js
8.254.252.212 200 OK 11 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/d9c7b704.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (40008), with no line terminators
Hash 32d575d6db8c28d2652e33a4d5659d95
bbb8fa13574947bfe5b4bd2033f68029d77fe9ca
8b1e4643ace7110eb7ee5df74d37af0e69ba3cd47b429e1a53e775efca5b8cda
GET /_nuxt/desktop/default/d9c7b704.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 10723
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-29e3"
expires: Sat, 03 Dec 2022 21:39:03 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/36c9343a.css
8.254.252.212 200 OK 912 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/36c9343a.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (3693), with no line terminators
Hash 1b7cc7024ef238173e96baf5dc448d32
a082b995c9ff91d8329b69f7f6fd917470b131d8
8eb90f00e3a2beefd31f5df844497b4e60988655f68946d865251c7feff4b778
GET /_nuxt/desktop/default/css/36c9343a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 912
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-390"
expires: Sun, 04 Dec 2022 08:29:27 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1056
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/bd52bd99.css
8.254.252.212 200 OK 869 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/bd52bd99.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (3419), with no line terminators
Hash 8802fad000749cd92762f672c89d357d
761043d4bcc6d825128385e3c28b2abfadff9b69
a25ca7008fe67ee25dfc3d77275c12793358b3b6126a44d6778dfa7f8ec13d2f
GET /_nuxt/desktop/default/css/bd52bd99.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 869
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-365"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1068
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/d35090cc.modern.js
8.254.252.212 200 OK 1.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/d35090cc.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (4822), with no line terminators
Hash a6333531a7f0b6150bddc6f2ae24a19a
feb02665cf3780a4908d62c7c0502536e861aa66
d8ef3e75416a07f637fc72af6549e7bb9966f04a4f5fbedad145ca3705efaa6b
GET /_nuxt/desktop/default/d35090cc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-712"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/24b85293.modern.js
8.254.252.212 200 OK 879 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/24b85293.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (3162), with no line terminators
Hash ec1512326c91dacf9f8b44aa233bbc58
b62391d7da29e4bf2cb993407275562652baf775
662c452ac9eaa230611c0774b4cc3c9a089c2279c41e72bf37ce19a0e4071a00
GET /_nuxt/desktop/default/24b85293.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 879
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-36f"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/17f2a34f.css
8.254.252.212 200 OK 3.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/17f2a34f.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (21596), with no line terminators
Hash 0841c54eacc0863802d73b3c0772bc5f
eb7d893ef1032beeef9e61028a8603fd53a2f04e
cddb70033b8f6d204de3fd9373c908c5d67bec1484e238a7aeee8ea18eb245d7
GET /_nuxt/desktop/default/css/17f2a34f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 3810
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f3-ee2"
expires: Sat, 03 Dec 2022 11:38:06 GMT
last-modified: Fri, 02 Dec 2022 07:27:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 76139
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.254.252.212 200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 3ef2b8ba6a3526a39954a0a10aba35b7
048a604c003e56843f7223d68486a13f7bc02943
f75cfb56d6719c69a3999875215398d444a8a5c73d5000098198c6452acbb80b
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-1c6"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1068
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/6816f815.modern.js
8.254.252.212 200 OK 14 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/6816f815.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 51adfb86ab8c00c2b97cfb190d76e01f
63f973a21ef912f04768dc52e522f2c1000e5958
1ef821e9d29ebfe811ccad3069e896ec7e4fb5de777db8a7cafbf756708c6b33
GET /_nuxt/desktop/default/6816f815.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 13454
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-348e"
expires: Sat, 03 Dec 2022 21:38:51 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/fef63bc3.modern.js
8.254.252.212 200 OK 330 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/fef63bc3.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 7c8969aa8fa77c71341607e3751088a9
00d5a6606f36487851cef92082acbf6476b12cbf
f12ce251827d7cd21bba6a99469f61538bb9ab6e68d2429b04f9df52560c9e96
GET /_nuxt/desktop/default/fef63bc3.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 330
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-14a"
expires: Sat, 03 Dec 2022 21:38:51 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40145
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/cefdc903.css
8.254.252.212 200 OK 508 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/cefdc903.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (1570), with no line terminators
Hash 407282b72b766ff8bb504e6c6111c2f2
2f187937e2a5b0b8876b2815b77b2389d5b62a98
0571d1ff3828485f8d28670419fb8e7cea41d0c55396d07d5d22997cfbe3abb0
GET /_nuxt/desktop/default/css/cefdc903.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 508
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-1fc"
expires: Sun, 04 Dec 2022 08:29:27 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1056
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b0e615fc.css
8.254.252.212 200 OK 2.0 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b0e615fc.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (18717), with no line terminators
Hash c7e379c6dd6ad0cea02bbd481745213e
2e29ba4e194ce2a75d0040f9cae47aa1c1093ce8
e6458342af05bbfd3a550bc95e4e1a28805a497c4805eeb92f5fc2ad9d16a768
GET /_nuxt/desktop/default/css/b0e615fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 1999
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-7cf"
expires: Sun, 04 Dec 2022 08:29:18 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1066
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/7ac812ef.css
8.254.252.212 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/7ac812ef.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (5224), with no line terminators
Hash f00b03e099a232bc5f08fcb1042ae13d
51fa0abddb8ccd8806efcf1872db16a46defd6c4
4a23a179f01d554e11064d32419cfb999b7529f83ca213bba8eda7c55011bb76
GET /_nuxt/desktop/default/css/7ac812ef.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: text/css
content-length: 1232
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-4d0"
expires: Sun, 04 Dec 2022 08:29:18 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1066
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/2ec0835f.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/2ec0835f.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (2452), with no line terminators
Hash a459a847f703668ae65bccf0688d4425
91042e4ba34dadb89fa84556c6e597b852429285
544703d999d773746720ec3cc866ba87184e19f54de39b6b6b8e790145ec117a
GET /_nuxt/desktop/default/2ec0835f.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1061
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-425"
expires: Sat, 03 Dec 2022 21:38:54 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40148
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/domain-api/api/v1/domains/lite-1x36781678.top
178.253.14.166 200 OK 86 B URL HTTP/2 lite-1x36781678.top/domain-api/api/v1/domains/lite-1x36781678.top
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6ce170df0fd95ce1ace683582698106
54337307d42777444d983f580ae04db2811b2c1c
bf25f0e6d9bc1fa43c30596d7292607f8bbf2222f38b9104106731b0a73b02ae
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x36781678.top HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/vnd.api+json
content-length: 86
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar
178.253.14.166 200 OK 932 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1574), with no line terminators
Hash da1d9f6e79c746d1f13561792d231c7e
5e1936c8a464d87cd3d95ae25d2336dcce346132
967f094a9b6c46e0bffd7533988689fb3c2777c73b0aabd0d096903126f29c9a
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 932
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=ar
178.253.14.166 200 OK 956 B URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1808), with no line terminators
Hash c2b2016dae50d2865d4dda3d5eac3575
347fbed756f39c6db96a5a3a7a15079e4c5b1c28
27cf343b630b6707c52ae015cfa32816e9c12cb131ec4bddfd07bf9ada8bc6e9
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 956
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=ar
178.253.14.166 200 OK 1.8 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5061), with no line terminators
Hash 04a9fd30d9c84c228dbd26931f254404
7264857a719bf6d925416274513e84d7dfa5e9f9
aab9dd35f8e9a1f0f44a300cbe6a991c6c6f06be44215a2711add47f678b18d0
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 1804
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/WebGetTopChampsZip?lng=ar&gr=285&country=137
178.253.14.166 200 OK 88 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/WebGetTopChampsZip?lng=ar&gr=285&country=137
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cb41a88ff43bbf14302fe7266a35d76d
4c0c7d1c22c7a6c4c661df8966d9154536fa4313
2de5c51dc3d129eb5567c2f67ea3afb49535ea570887202c1ab058570fec4270
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=ar&gr=285&country=137 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 88
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/user/secure
178.253.14.166 200 OK 58 B URL HTTP/2 lite-1x36781678.top/web-api/user/secure
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 237b9b004f7a834388e1ef61859460e5
84892ef7d5977622413c9c5a51ead6d14fab13e5
3f590d500263164b5aaef81952a8f339226759c2d1dd3345801a24e5159905d3
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/user/secure HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=51
set-cookie: is_rtl=2; expires=Sun, 03-Dec-2023 08:47:01 GMT; Max-Age=31536000; path=/; HttpOnly
tzo=3; expires=Sun, 03-Dec-2023 08:47:01 GMT; Max-Age=31536000; path=/
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 10-Dec-2022 08:47:01 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 06-Dec-2022 08:47:01 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1670074997; expires=Sat, 03-Dec-2022 09:47:01 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
178.253.14.166 200 OK 88 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cb41a88ff43bbf14302fe7266a35d76d
4c0c7d1c22c7a6c4c661df8966d9154536fa4313
2de5c51dc3d129eb5567c2f67ea3afb49535ea570887202c1ab058570fec4270
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 88
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (41244), with no line terminators
Hash e847fde0c2d9d60a2776aa84a6d38fbf
9bd1c4980ba2ed507c8b9736ee11da096e52b334
32fbd87f00cffdfb34c4698f8a0a759d4d2f6cb253a13e6b3485ef8c431d0c02
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 10042
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/6e3b5baa.modern.js
8.254.252.212 200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/6e3b5baa.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (13517), with no line terminators
Hash 41f4f326e58b686799064710861612ab
1cb54821c1a9eedd935791e2dfd0a59d85446940
6886a6936273adfb2abffd62645021d187ffa9b9f1a6e6f268240fa9ca081a5b
GET /_nuxt/desktop/default/6e3b5baa.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5364
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-14f4"
expires: Sat, 03 Dec 2022 21:38:10 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40159
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
178.253.14.166 200 OK 26 kB URL HTTP/2 lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 61b5ee76a707aefc2d97376aa4e63fd7
ccf9508816c0ad2815bd991609b04ac25171b32f
b59b31af3ae1ff397f81761d64eb900d1b3eb07cd000670290b714ede85d81b8
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=38
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&tz=3&mode=4&country=137&virtualSports=true
178.253.14.166 200 OK 5.5 kB URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&tz=3&mode=4&country=137&virtualSports=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (30144), with no line terminators
Hash 3571b22537cf928abf3aa6f83ee3a9e8
a3c82e4871a652ae8d70821811f248e27db4bf1c
bc6f01553cdd0f5ff4d8847047920e56eeee30aaefa1692381160e7c9a9499f4
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=ar&tz=3&mode=4&country=137&virtualSports=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 5456
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
178.253.14.166 200 OK 173 B URL HTTP/2 lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 43e09d513ba96e6e1e5b34bca0a4fb63
715bcf2071fedb5682e92eb56b6cb96b6ce5d8ca
2bd88b9de2451f5a02f7232648f48b12df9f5c6e237e13cd62ba96bc47e6976c
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?count=20&lng=ar&tz=3&mode=4&country=137&virtualSports=true
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?count=20&lng=ar&tz=3&mode=4&country=137&virtualSports=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (50462), with no line terminators
Hash 34cffeac83de3863519b3be0cbce6c06
fedf61559fb0dd2170894b48e0c035c4700bba0f
28df9509df1a1e9acdf0ac07d25e23d49837aa27b86015792149786cd2298de4
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/Get1x2_VZip?count=20&lng=ar&tz=3&mode=4&country=137&virtualSports=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json; charset=utf-8
content-length: 10975
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/343.svg
8.254.252.212 200 OK 11 kB URL HTTP/2 v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/343.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (22224)
Hash ec2f953bc550d8559d5d3847c0ac61b5
02169e4bbc5964848d6f46ff239794e32db6e589
e2cae2e289d45b0ea140ae52bc05800717dfc7a0122a85d651bfd2eefd312373
GET /sfiles/games-images/ico-logo/white/desk/343.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/svg+xml
content-length: 10983
cache-control: max-age=86400
content-encoding: gzip
etag: W/"4fc440a1a3d8be975531b9e083d83b93"
expires: Sat, 03 Dec 2022 10:14:06 GMT
last-modified: Wed, 16 Nov 2022 15:19:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-meta-origin-date-iso8601: 2022-11-16T14:16:25.000Z
age: 81176
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ar_0.js
8.254.252.212 200 OK 4.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ar_0.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (12840), with no line terminators
Hash 3323a2517e4e35352a6dfd4849cdd4a8
8867927017f16b0338723eacc7c68eab9afaa37a
ff4b65680263d6a398ddca1dbf388ac722604ada6cc63e5d988d4f2372c42f97
GET /genfiles/cms/betstemplates/bets_model_short_ar_0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: text/javascript
content-length: 4098
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"dd41654a521ab7e782d4e0f4c085dfa6"
expires: Sat, 03 Dec 2022 08:49:02 GMT
last-modified: Thu, 01 Dec 2022 14:46:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_ar.js
8.254.252.212 200 OK 533 B URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_ar.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (1159), with no line terminators
Hash cb0bdb34d069aeb5a0f2630dcd4df997
2bd9b5c6bf1620884f7adc05dd703c4d8fd2c2a2
855192c03e2bde76f2eb91a015518e2ab4f3b7e44675994c9094f29ee70a8678
GET /genfiles/cms/betstemplates/bets_model_map_short_ar.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: text/javascript
content-length: 533
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"99b26733451b84def913aab8ee57fcb0"
expires: Sat, 03 Dec 2022 08:49:02 GMT
last-modified: Thu, 01 Dec 2022 14:46:29 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_ar_0.js
8.254.252.212 200 OK 5.0 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_ar_0.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (19981), with no line terminators
Hash 3c6605805e59def448c7140f61f5e7d0
d32e503de4561a89cfcde8cfda212c7c1e293851
34e5e57fbb7ad4c68f8c05d0c03072ef3bfcf8584e675ba3c37078795362e608
GET /genfiles/cms/betstemplates/bets_model_full_ar_0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: text/javascript
content-length: 4956
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"f4bdb191cb72a80ee173af8b52da41e1"
expires: Sat, 03 Dec 2022 08:49:02 GMT
last-modified: Thu, 01 Dec 2022 14:46:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 0
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:09:46 GMT
expires: Fri, 01 Dec 2023 08:09:46 GMT
cache-control: public, max-age=31536000
age: 175036
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/fff39798344c1481ce6f41b90ba0d8ec.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/fff39798344c1481ce6f41b90ba0d8ec.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f060fb23ce37c2e5243d9ad02416ac80
020d2ce9218e5567843548858fc6b8b74175a63a
deffed980479f5a8a8599f14bd025f1519c72b670ad329a5e84596b3ee5b25b4
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/fff39798344c1481ce6f41b90ba0d8ec.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/png
content-length: 16285
x-amz-id-2: nylUYYoefFwpWX9vW+YJshGuf71PD+ZtgU/sY6Fw7clZ89O3ZbEPy4ybpgJwKp8ZfFaEQwvoR3r/sw1sEkCD2A==
x-amz-request-id: W0BW8F321DK4S2EG
last-modified: Fri, 08 Oct 2021 07:12:34 GMT
etag: "f060fb23ce37c2e5243d9ad02416ac80"
x-amz-version-id: 3BfZ_e6K1RFPAAMFbfj3eGhGgYIPWcpT
expires: Sun, 04 Dec 2022 08:47:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/config/getVideoAccessConfig
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/web-api/external-api/config/getVideoAccessConfig
IP 178.253.14.166:0
Hash 4ecc1c45f7b11233bae70c3633082603
abb3a1c957a65522c073219c8b41de1cc610e2c7
94e5bc26c92c55cab84fa2e46d06e855b5c881352fe88660ea09d6fc05334627
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=58, dt_285;dur=59
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/65be50c50e8215ab8319add34ae43703.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/65be50c50e8215ab8319add34ae43703.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c3d91640bc476a28e3c8a0467fc4e9e
df4d32c85566dc781b8634d7c139ec328fc5d960
337b67120eb21f71797692b79176f552500755fcb4404aa6498289ab7d6b08bd
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/65be50c50e8215ab8319add34ae43703.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/png
content-length: 18564
x-amz-id-2: FP3IqOLDAzwTwWpwD8gt/GZETNj86Jt2HvanEisd0HIRHEhbiDeOoI0ppz4es9z+alT3omzHbTztl5O0xaBVPQ==
x-amz-request-id: W0BPRCFFWVT43QAN
last-modified: Mon, 22 Aug 2022 09:14:39 GMT
etag: "5c3d91640bc476a28e3c8a0467fc4e9e"
x-amz-version-id: 7tLeVz10sfM2ERCwoC8RSkQrtkc_LRT1
expires: Sun, 04 Dec 2022 08:47:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6f0ba298d5ff358ad46a0d99f96f15d3.png
178.253.14.166 200 OK 21 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6f0ba298d5ff358ad46a0d99f96f15d3.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f0ba298d5ff358ad46a0d99f96f15d3
2cad320b695b1c92488ed56ad78c590f517b9541
26e628bc553448c3c48e74111ae30e77b17343aa52df85d40da5944a8f06dd4b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6f0ba298d5ff358ad46a0d99f96f15d3.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/png, image/jpeg
content-length: 21034
x-amz-id-2: /yXwpIP49DJNFZorAw0WvLLpwFMuwBYGnS7hb8HzMysN46zXj+Pll/hhmXjZVhw8Obu3z+jiAOES1IL4ecUNng==
x-amz-request-id: W0BYZHW0MJWC078Y
last-modified: Wed, 09 Oct 2019 06:10:14 GMT
etag: "6f0ba298d5ff358ad46a0d99f96f15d3"
x-amz-version-id: XsZIoJ4aVFnZdRQzhDyLJ8M0SMrJMfY7
expires: Sun, 04 Dec 2022 08:47:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/d48703c484ec89120559829ca0e95b41.png
178.253.14.166 200 OK 29 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/d48703c484ec89120559829ca0e95b41.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d48703c484ec89120559829ca0e95b41
400ff071a1c6919e6bc721566978ea2d1acb1d8a
04b06e00a1980d34203b7f7b820bbd5bb4a89502b76ac0064e4f4f8a12e86838
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/d48703c484ec89120559829ca0e95b41.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/png, image/jpeg
content-length: 29449
x-amz-id-2: P7GtOAvFURHEp+Med5Kvv2bpr+5aWqi/uhek3MJDGx98hpRu5PJi2MiAMst4vB5SNNy+kSps0i0O6Zmi/oxosQ==
x-amz-request-id: PQ09DKGXD6ZABA26
last-modified: Thu, 02 Jan 2020 03:34:39 GMT
etag: "d48703c484ec89120559829ca0e95b41"
x-amz-version-id: FjKOJTtY3rMb4SwWwq7iX8f3SPMqnfdM
expires: Sun, 04 Dec 2022 08:47:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/86b51d95732ad1f3be1299f3c7f2cb4b.png
178.253.14.166 200 OK 29 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/86b51d95732ad1f3be1299f3c7f2cb4b.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 71fc54920e915466851ac76a43bdd9e0
f34a59b84cb29396e6a0af06d4862fbc3bfceb7d
103af236e233fb4bb5d3d4be48779955b90a398fbe8ff29fdf046091f8ec87d1
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/86b51d95732ad1f3be1299f3c7f2cb4b.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:02 GMT
content-type: image/png
content-length: 29369
x-amz-id-2: MtviDREeu6D6Pujo20SJ791FaRR34muiCDcS5IV1WYX5+qNI3WEwUQ4SjS9Ntsxj+YLehGRq3I96k9fPIuGxCg==
x-amz-request-id: PQ05BA77MB5AMV7J
last-modified: Thu, 08 Apr 2021 13:42:49 GMT
etag: "71fc54920e915466851ac76a43bdd9e0"
x-amz-version-id: o0SF_f0UKfHqSpxi.2VawVfkw5Ub22q8
expires: Sun, 04 Dec 2022 08:47:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ar_1.js
8.254.252.212 200 OK 3.0 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ar_1.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (10546), with no line terminators
Hash 09da5ac3b60af1a8588d011cc8e9602d
4de10197fca0d15425737ef219cad2c340d2ceaa
33e2e0b17e3f6c4812cf6425895143f7214c9e433cbeb42539bb5cc1d10a1655
GET /genfiles/cms/betstemplates/bets_model_short_ar_1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:03 GMT
content-type: text/javascript
content-length: 2992
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"dc987650799522ed0f3b8a8372ae5fe6"
expires: Sat, 03 Dec 2022 08:49:03 GMT
last-modified: Thu, 01 Dec 2022 14:46:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 4
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/344c9eb13679da8d34d1d49f22c72d44.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/344c9eb13679da8d34d1d49f22c72d44.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 344c9eb13679da8d34d1d49f22c72d44
476e055701921a1da0c804904ad8d77045654784
aaf86b2e0859eeae113727b916667a7b40b5b1a2b85e395d156d482bd6eda38c
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/344c9eb13679da8d34d1d49f22c72d44.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 10936
x-amz-id-2: /X8IDunfBftdTb7SVW5ocRUqH3XHPnb9bRIRBCUZjJ53lXvPzTyGircgW22X9e6BoBTQRY3cHR/LUi+KAOvp8w==
x-amz-request-id: W0BQCDRMW63J4GD6
last-modified: Tue, 13 Aug 2019 15:04:48 GMT
etag: "344c9eb13679da8d34d1d49f22c72d44"
x-amz-version-id: sEdNV_PcPPxpyTrzql9Y20PRjkSppdhY
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/ced78c53a2824652c7085c1099dff769.png
178.253.14.166 200 OK 4.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/ced78c53a2824652c7085c1099dff769.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 12019544b529b92b386f38452a6041b1
2756ae901c1ebf2aa006cf796953104720c49c46
23f588004767ef6ac812eb1380b573a5985f23734cd0d3101df7140b06d4e21d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/ced78c53a2824652c7085c1099dff769.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 4485
x-amz-id-2: J0xxap1O89gGD1jeKdKHkgT87094LVjZMTFHVzWZ7jzExa2DzIy4hrQaLJ7QH9HFsc1HX43YthY0QI03vpa0NQ==
x-amz-request-id: W0BW45RQTGWWS63Q
last-modified: Sat, 22 Oct 2022 07:09:31 GMT
etag: "12019544b529b92b386f38452a6041b1"
x-amz-version-id: uWMtrhx6SWPHUftWm_UvFZuFErDas1O6
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/32219.png
178.253.14.166 200 OK 7.0 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/32219.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 42fade5991e8fbe6ffac8bfb39293da3
0b4f0116411c3cfbd8c8bb80656cab392c3eb675
282fd92fb34f52669114f3bb04d55ebc10f2cef08a1d51ff0eb5251e03205441
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/32219.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 6961
x-amz-id-2: 48643dlH06WPOu7o4tKpLBNvPUEWoSUYi7KjwnKe53k36jhd9EJ7rA3G09cZhaSjSC7QUqggYBlJjZ6U8/9dhg==
x-amz-request-id: NNFVYETB4JTN4M42
last-modified: Tue, 13 Aug 2019 15:04:19 GMT
etag: "42fade5991e8fbe6ffac8bfb39293da3"
x-amz-version-id: Wr7Ht0iNyzLp.qVDsn88DmjKC5m2cSu.
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/daed560ad961767640f753bfc21fbf29.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/daed560ad961767640f753bfc21fbf29.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2a55400e18997682c1b377c7ef163c53
504ee1ef7c0f1ee150bf565ec66138c85b1839a5
40069798689afb0c93eadd1b411e379d4b362cc7f23a62efb41421bbd5efa6f5
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/daed560ad961767640f753bfc21fbf29.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 9995
x-amz-id-2: t8lLIRvWXavqbShAa46MYaFLp5dbT4pmEBc2hAaquRZmqfpWXn6HuH1YrQRBX0bVtGHk0RU9JSbbro7rf9480A==
x-amz-request-id: NNFGF1FR4C5X0P4V
last-modified: Sun, 02 May 2021 02:06:44 GMT
etag: "2a55400e18997682c1b377c7ef163c53"
x-amz-version-id: tfikvkCoFJB7kNgPAkKVOWTy1u0wVS.F
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/37481.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/37481.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 21d431197ccb76c587d0fd72524fdd0a
f594e37985a911c06b770ca878024bb45490f68c
51aa88b025f281b74374399da86f5a5661a96f4f1b500e7c1f5914d3ff55614e
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/37481.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 11683
x-amz-id-2: 7Oio5hKSMnun/L8Tn1fS1D7w2QXqDn1V5Jtr1PQcWxJQ7JWzPltUVezAUbhSExTD/U/VyRWs7Z775JDuFlPSCw==
x-amz-request-id: W0BWDTHPQWNNXZ9V
last-modified: Tue, 13 Aug 2019 15:05:22 GMT
etag: "21d431197ccb76c587d0fd72524fdd0a"
x-amz-version-id: rVDe4We5al88JpHx7N6P6G1jW0voCsms
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/93a6a9c324c9071daf5601002b562a92.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/93a6a9c324c9071daf5601002b562a92.png
IP 178.253.14.166:0
File type PNG image data, 118 x 118, 8-bit/color RGBA, non-interlaced\012- data
Hash 22cc3d6fa9075a9f3149f8d7bcf6d02a
363bd97d4dfe126ca76363e0e79595f78e19b657
f33e9f7bb5d760a06fe3492679af3acabefb526615c32a639d0985e9b55b5236
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/93a6a9c324c9071daf5601002b562a92.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 15501
x-amz-id-2: aaxuR53zyuP19T2TfEGfEcR/SxeOYAwlD2OSbTMm8Y0ixENnsFGkE00k591CuN+chu2JKmibJo9AekhDYva9AQ==
x-amz-request-id: W0BHQNSCRH274XXE
last-modified: Sat, 27 Nov 2021 05:05:56 GMT
etag: "22cc3d6fa9075a9f3149f8d7bcf6d02a"
x-amz-version-id: S8LsoHuJXDRuEGnEPXNJf6.CmrC_sMOI
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/dfdd6828985b3ad5c43dd14fcb4637a1.png
178.253.14.166 200 OK 7.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/dfdd6828985b3ad5c43dd14fcb4637a1.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 2aec28444ed529496afa6289e9b5e55e
1a95a7396f487c1d0c0c64171eaf9bced7aa036c
5833ed97d15a8186372119274aa926770a4a0b56e00c67a0e9c0bce813683455
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/dfdd6828985b3ad5c43dd14fcb4637a1.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 7298
x-amz-id-2: S7fU0gNsth1lwvhhMweekZfJTi3sW/aDczBIrmf+GvvrEPGmyjwPdG2qR5LetUbrvXJR1WwMJQ5M1edMryy5YQ==
x-amz-request-id: W0BQPGCZHXVWE5GB
last-modified: Thu, 29 Sep 2022 13:17:53 GMT
etag: "2aec28444ed529496afa6289e9b5e55e"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/19787.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/19787.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c33ff3cb0f246e67cd0ce669b6c153
93ffc0086a3bbcc577302ca0ed16b4a305018ee7
268bb3752bc873f4a26c4c13380b8ed2bab575ecffe2525385171dae177956ed
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/19787.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 12817
x-amz-id-2: hDLcB42/nMJTA+mT2k1ZfrQ2VJ86jD5RLdsWCVwhUcJgzQUNMAx6yluxykV+71lS+oYwJ/eh3Yks7q8LpSqwAg==
x-amz-request-id: W0BS6XCCB6YK5KNX
last-modified: Tue, 13 Aug 2019 14:57:33 GMT
etag: "e9c33ff3cb0f246e67cd0ce669b6c153"
x-amz-version-id: IPYnB2dNtIL_Go1809oNxxEm_irbYgU8
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/82827.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/82827.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 68733a182aeeabad17ffb4dd00b235f8
957d392c60398f8eb09aaf70183e08a2dd2a929f
fb169bcf31bd7b32e65e4748e43037416f477126e0437cd65559b864a4dd86f1
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/82827.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 11813
x-amz-id-2: lsHh0kWo82X8gNpBVKdtQANPaNlQX9Fc/X6xfhlEMvqxrqEn+Q1QkIhkw50WcmBxKBYpVbPAHJ8FzLaYUpt4aA==
x-amz-request-id: W0BSMHB0SAA7D86T
last-modified: Tue, 13 Aug 2019 15:11:54 GMT
etag: "68733a182aeeabad17ffb4dd00b235f8"
x-amz-version-id: HJ9P9wgjBN9XBZRSX9P0HpmZucfTai8Y
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/f667ef4cb839bb30fb0d97df18271cab.png
178.253.14.166 200 OK 7.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/f667ef4cb839bb30fb0d97df18271cab.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 2aec28444ed529496afa6289e9b5e55e
1a95a7396f487c1d0c0c64171eaf9bced7aa036c
5833ed97d15a8186372119274aa926770a4a0b56e00c67a0e9c0bce813683455
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/f667ef4cb839bb30fb0d97df18271cab.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 7298
x-amz-id-2: cbfX4uAY8kyZnqdKm71y0mjug+VaYDsVteqhR/klQtH2fL80zrEHEMiuU35jxo0+UxVnWvsp/gqPLPPFSi1eZg==
x-amz-request-id: W0BRMVCSK3TKY7CC
last-modified: Thu, 17 Nov 2022 18:25:34 GMT
etag: "2aec28444ed529496afa6289e9b5e55e"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/27385.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/27385.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash df25934ba67f169cc1f50bedfe210501
f9de5a5e1ed3fca05fe009eca0a159e77cc117b3
19e4809d2d3f648592ee76f7e9be085851fc4b7e9a251e3897bfa32bb0cfb86d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/27385.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 10087
x-amz-id-2: xpCiUYLYZMJFA5jEHc9J8DlOKlO/DV9Dm++Es7MmC+52qiuIqw2jq8oKXq9q0zAW8JIjNXynmjEqvHZ3eLtbWA==
x-amz-request-id: 8SVFFD3VGEVHAK41
last-modified: Tue, 13 Aug 2019 15:02:37 GMT
etag: "df25934ba67f169cc1f50bedfe210501"
x-amz-version-id: 05IuFjieH7MTltc2_o_iV_PkSXC1Mofw
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/17995.png
178.253.14.166 200 OK 9.0 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/17995.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 61057801637217336b5da161c8284a19
cb3deb82e1cd879dadee3f4eb6fd55101e0a90bf
ab6ac70aa195f1c1a238172f865bdcd0163ce86543ce646bdec6598f86c79cbf
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/17995.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 9029
x-amz-id-2: dtq1oWSkxD3TCE5RmBH0qT3sFsILK/PKIRpLrs+rWDjHL23CtkZTTM491nzgoPIDqPMSx/sVZcaJqfHFV56MXQ==
x-amz-request-id: 8SVBV9WYD4RT11YV
last-modified: Tue, 13 Aug 2019 14:56:14 GMT
etag: "61057801637217336b5da161c8284a19"
x-amz-version-id: Pm6Fnu56jBXdFoZUDr7UB_d95UKmiFLs
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/39012359a7c33e834b29af210c1f931f.png
178.253.14.166 200 OK 7.4 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/39012359a7c33e834b29af210c1f931f.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash e66b18b4b47f02fa8f7bd9050b794eb8
1bfe54dd9138c665271f341c74e731ff607aaab3
97ec0ed8b7b9ae6fed2a869da7d751933e4cae0dd3d03c89aadc46f5698e5723
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/39012359a7c33e834b29af210c1f931f.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 7362
x-amz-id-2: ZcC4k+GFS8PHPNa9qDdEW4OF//mESkBaqbqKtf4CASSmemTjfcwPq49AJUf2uR/m6XyVgI8SB8nf/4MT7bCpHw==
x-amz-request-id: 3AKDN5WACFTDDEBZ
last-modified: Fri, 20 May 2022 08:11:42 GMT
etag: "e66b18b4b47f02fa8f7bd9050b794eb8"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/363531.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/363531.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 42e52b321053941fb243ac3efe7e17be
e155ff187b513359db5bb1c4f922515e662474e6
002039ffeeb4749c14171a9886729f52bacaba0268acabdc18bc0ff72b1a34c7
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/363531.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 12803
x-amz-id-2: ZzC8hvB2fcsoVrhv2TE/qxv0E8cAIC0qSDpOHRUsUp6emvYXOxVMyiP4zfYZ4oyqXxjA4mlEMRs9YCO8fyCBVA==
x-amz-request-id: 3AKCEGF7P7W20RVC
last-modified: Tue, 13 Aug 2019 15:05:10 GMT
etag: "42e52b321053941fb243ac3efe7e17be"
x-amz-version-id: jZHT.p36uQfYx48bfBb6dR5gJgN51pqu
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/85589.png
178.253.14.166 200 OK 9.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/85589.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 0d3d86d12d4ccfe83ba293ffbd8e00ed
0cce180c20a74296164143e2b3a94faff1ffbbbc
71b1faf85b6aa1a57a1bafb206d9cf3982220a055e332f0e63aa0892f4aef79d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/85589.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 9334
x-amz-id-2: yhuYFEX1Tt/gdjp8NI15EVrQiX5INuuArp+yCV7twjugnfio5Fa0+I2QKcQUK5CMv+dDtKl2pNQYEupbZV2Pew==
x-amz-request-id: 3AKEHPKGSJRKFXJZ
last-modified: Tue, 13 Aug 2019 15:12:07 GMT
etag: "0d3d86d12d4ccfe83ba293ffbd8e00ed"
x-amz-version-id: sGyZfH5i9RldeYjjP9jBbSQMMUqiAANK
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/2115567.png
178.253.14.166 200 OK 20 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/2115567.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e3cc5e272f49aaa9a68fe748950bb8a8
7a26d9830328bd907de442d0ba81cc2262be7d06
6ea11bf994a2c09fda9a368e709c3fc81ece0dfd7341f3b9a693708a49808f50
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/2115567.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 19508
x-amz-id-2: +XlsU3PY+NrGgWPWhUIr764hp0K9iTQqAwQ6iyXOb8ppnclVXFf3fzhh+6BHzwCXxFg0T49YFUXzG01sBc9TQw==
x-amz-request-id: W0BPBMGQRYK2RVBK
last-modified: Tue, 13 Aug 2019 14:58:34 GMT
etag: "e3cc5e272f49aaa9a68fe748950bb8a8"
x-amz-version-id: 8O9OGdaoqPtuwxc0tn5DAJbWQQsixlZU
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/e9b5b976bcbe25d7f020ca9956f3a750.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/e9b5b976bcbe25d7f020ca9956f3a750.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f7d29a25dcd6f17e37f6a6ad48601b07
61a9bdde800dcd80c637b1a879d6869dc99c012c
c484c1573a300ebac0400699325f6f944374df2bae23ec8d75d441f7f36cf9de
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/e9b5b976bcbe25d7f020ca9956f3a750.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 12953
x-amz-id-2: qklJPPwUZcsJemHJBVjOkAD3FDNIM0tlVteMzRYu9A4yRMcBFBq+BnmGvh7UFqzqyuvgps8yw6BQ5RgnmBh7Gg==
x-amz-request-id: W0BJ9JFX819SKZDZ
last-modified: Tue, 09 Feb 2021 07:05:54 GMT
etag: "f7d29a25dcd6f17e37f6a6ad48601b07"
x-amz-version-id: uCq4dUdZCT6AvoeW0mnjhRFNdg8mrGcR
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png
178.253.14.166 200 OK 6.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a3ab226cdea87c8cabfaec0edc77c8d
423c93b17627c3b62a32a6eb319d70d014380276
dabef6a121cb35c8a44f988711cd352969072941c1385f80c72a3e5147cdd53a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 6114
x-amz-id-2: v3RS1Fj48Sq9yJLiWW/z7f8D28A2emlHlEdEPZBvMu4Oi1VZ0KL11/SqDasQbubjrPSGFMjkg56AkRLDmt2pzw==
x-amz-request-id: W0BGV1BV5F2KKXEH
last-modified: Tue, 29 Nov 2022 09:51:43 GMT
etag: "4a3ab226cdea87c8cabfaec0edc77c8d"
x-amz-version-id: YZFiEWKkMA_IPU4paRKek30cMLUlGTbN
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3590.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3590.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e9ef1c40db5ff4bdfe5a89c9d5891ff5
de4f6c44696c5175e142e6d1fb3a36d5b662bf56
df284d9049bbf787cf59dd501077c3d853bcd0257267952640c5e6e0599ddcec
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3590.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 12871
x-amz-id-2: X5K4D5uslEDWYfPWAB5t0kgJh3dPhGEfifVxMZgipNUZPOBjj9i/FrZUMyNJANrJnPpc0k1RoWl/OmEUg+xRKQ==
x-amz-request-id: W0BYVP5QQH0DNBW9
last-modified: Tue, 13 Aug 2019 15:05:04 GMT
etag: "e9ef1c40db5ff4bdfe5a89c9d5891ff5"
x-amz-version-id: 9biseEguzoID0rCEFG3QWbnnQuKgiTQs
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash becc8cdba57494c6fe212eb67634e1eb
c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8
fbb25b88b10a818bb0c6ad385b1e5ba54b87672c73bfa8a9c1ecb17dcc689d5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d568a89-ee21-427a-b971-0d1500164a62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 11942
x-amzn-requestid: ba8a5d03-7796-4c6d-a6df-3cc71b1c5259
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: chqukGmWoAMFtLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a24c3-609dc90d769060d30a16e3df;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 16:16:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m6j_3bDGFIAHQYzrZ1zXqUb-HbEJ8XCoGH5mgBFOWRbLzoSiuNBnhg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:59:25 GMT
age: 38859
etag: "c8bd6bd9086e0a52b83b89dfd755e7ebba222fb8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3546.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3546.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash bfa384380676326533085e6284d3daf7
7782a30c5e380c283300eb634147c3056e4303fa
3e64abafa2f1247b6ed38cfb91414255c64d9d71d7e18b5667a6255958677ac2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3546.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 16089
x-amz-id-2: SJeLgmmmH8S2MKDlNRMsHHzVMeylbJAuu2hMK4Aa6ePNxQWW85L2bbMcFrC1WP2CHgFdHBMKg30MYmBfs6toCQ==
x-amz-request-id: W0BHKTP6GR6VE8WF
last-modified: Tue, 13 Aug 2019 15:04:59 GMT
etag: "bfa384380676326533085e6284d3daf7"
x-amz-version-id: yET8b28KXar6KSntfureaLdvE46L8yB0
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png
178.253.14.166 200 OK 6.8 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cacdab3a27eb1a7fd7d7ef873ae5e00b
33dd52d0fe70e248b570c49e2800ae8d058ce98a
e5bd1a57f0f178c6ff0a5cdb139823148183ad5157c763b77dff0bc58e9800d2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png, image/jpeg
content-length: 6810
x-amz-id-2: mOvlZ362tspGB1QEHKeLT4eKFyLmvMS1WvYLWAFsF2mNGbmxLZ1V/r4pO0sF6TNKQFRx3CoarqS2bV3WPXXUPg==
x-amz-request-id: W0BVKV78472HS4TY
last-modified: Sun, 03 Nov 2019 07:38:01 GMT
etag: "cacdab3a27eb1a7fd7d7ef873ae5e00b"
x-amz-version-id: U7x_2.J63wQifvuz0mYRXnd6rYy1G0Oq
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 9daf8b58d38593afa8f0d1956f5f8b3d
c9a27c3c80c611a3e51964ae104db70602f2c608
d7e4042b1e80a2c83c4d71eaba92918821b514511356eb608bd6e2af8e0d61ff
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 18874
x-amz-id-2: hcf9RLS+2s2iqm7jl6fNkJs+JYccHz8JsdUQiivdH78uvgPH44HkEB1nklRMuQMmITn3Vq+XO7a1A0GvzsLrMA==
x-amz-request-id: W0BR1PAZFP5P4TG1
last-modified: Thu, 26 Aug 2021 08:40:25 GMT
etag: "9daf8b58d38593afa8f0d1956f5f8b3d"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8514.png
178.253.14.166 200 OK 8.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8514.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a92e01990179fe6803936d9ef572146
4a87082ccd2bfc021ef69b903eef88abe5c8a26a
54aa0d41eb6a01b1bada4d1b7c8bf18e94936e3813d319c70c64e8891affbc37
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8514.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 8093
x-amz-id-2: so5qee4ItLyQKb4DwyTt1XAsto1YAts+YT2YpFZfI7hgfL7D3tOjfZ3L5nvUFRAdmPkS4wDRIiFM/v0To0MrKw==
x-amz-request-id: W0BHWK4BTR6AKTKP
last-modified: Tue, 13 Aug 2019 15:12:05 GMT
etag: "0a92e01990179fe6803936d9ef572146"
x-amz-version-id: CRBSYoyCP.ii6DHBmT1KA8f.zoIoyM2N
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8518.png
178.253.14.166 200 OK 6.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8518.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e0502a079111a4b09f3105e8f0bf0442
672b2ea2ce2017c625b4f0a124344a01bdf45ed2
51e60907053fcae64ae693591cf331911d3b5c79abfafa371594deebbff23022
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8518.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 6863
x-amz-id-2: ga62qFnHTG9eWZChVZWVSmcfBhkMr7roGD4dA3Kf8UWGNPCxXYQpMCrsDI48C6XX8oGaEkiUIiWmaCy5/NwxNg==
x-amz-request-id: W0BP0A7HG7G0MT66
last-modified: Tue, 13 Aug 2019 15:12:05 GMT
etag: "e0502a079111a4b09f3105e8f0bf0442"
x-amz-version-id: lK6r6WTdtu056qL3R8KsQ2JTLRqEDCC_
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/9af23e42915f10afd2be47b9ca3db017.png
178.253.14.166 200 OK 8.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/9af23e42915f10afd2be47b9ca3db017.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 9af23e42915f10afd2be47b9ca3db017
56afc9db0c826e232b365aa21c60e70412673704
0332637f5419c56213f0bdebd54c2340a90f3c0f47bda8c5ddf742b7b4a5396d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/9af23e42915f10afd2be47b9ca3db017.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png, image/jpeg
content-length: 8279
x-amz-id-2: vzPmBlXUk5IZatw8cFPtNX9TtgCoVum6mXFk+Ty0uDeoSQHg9UpMI5V6PXeyxtTFF08NARG6TaGy3wA2lG6w3A==
x-amz-request-id: W0BSHZ3Z58RJ7FDT
last-modified: Wed, 18 Dec 2019 11:39:02 GMT
etag: "9af23e42915f10afd2be47b9ca3db017"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8252.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8252.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c79ed33b441366357cbb7b86c76138ae
4b425b21bb818a7ba60e147d946a77adeca58f9e
91803084d9ded61349eed417af107f25946ff82cd51eb8d8418a364c133df133
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8252.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 15002
x-amz-id-2: 6AM8JeUmiJOCwcoHZ31ZZPjHckEqZSBkeflCDdxUZ8Vberrnfqzk1KKfjV94MIXkL5OCpr1sWZuwwAO5AZELmw==
x-amz-request-id: W0BYBPMYT09EEHN8
last-modified: Tue, 13 Aug 2019 15:11:52 GMT
etag: "c79ed33b441366357cbb7b86c76138ae"
x-amz-version-id: 93aXrCOiVkDKK2iFOOGDe8OEypsPSmTV
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png
178.253.14.166 200 OK 4.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f988271bc96127f9b3d88e497a36f659
e8b95eeb19f378cdb46404cb1f1487d049f7cda0
4b92c8a1d55693ebe407159d479ac304a937148297688f5e1fb1a0fcf0a30f11
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 4453
x-amz-id-2: WqbD8mjIJQXgRDLhap26Sr0+1gcu5AdQIDShGUK6t+/d1TEe3HtbBgk808ok6/3eN1UnvYTP7Mr8RW+2p+e5Cw==
x-amz-request-id: W0BNB0VYCXK6VHQ0
last-modified: Fri, 20 Nov 2020 07:12:06 GMT
etag: "f988271bc96127f9b3d88e497a36f659"
x-amz-version-id: sXXI9fYJFn9.uV43OD2m4Tlu3BCVNrey
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 9adffbc80a8d207de772719c1fd5c56d
15040286d90d2f6aa7781b2e21ba860aa88752e9
a9e1ff151cd68dd773872cd25c8497850247cedee9bd91f3c172fe5415bd1f82
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png, image/jpeg
content-length: 10864
x-amz-id-2: ccjs5Am8iuEmsy4LOhgP4xxUV+9Xl2vifhvnhhp8bkSa5+jjmawoWMgqcUU+F/IF2WTAfUiDqdiFIiDOirlqXw==
x-amz-request-id: W0BVCDEK1TF6KDFA
last-modified: Mon, 07 Oct 2019 07:09:56 GMT
etag: "9adffbc80a8d207de772719c1fd5c56d"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6850.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6850.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d53de6b55255baa381574e190da823e7
f43a96efb64ee4611cad70cfbd65f6fc15a09047
0162552197989ead11601dc5205a421e05de19474a21705a2871331b99db4be1
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6850.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 14620
x-amz-id-2: CZq2KPgqcLDFFi8JfTsL4MiWW6O1mQn8Woi7nIDSuN6R1Vp5wMRT5VSRojdEhVQ5RByRtHICzxyvcEEqolZHSA==
x-amz-request-id: W0BM07E9F7J9H65C
last-modified: Tue, 13 Aug 2019 15:10:21 GMT
etag: "d53de6b55255baa381574e190da823e7"
x-amz-version-id: bHzB0rmPfYRMKCwlQF10UX5VCk7ldo6J
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6900.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6900.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ee083ae525cfe5b27ef66189306a13e0
f0236b568b70fe43ca360fc21cfd553a89692684
eb496d5e7135a09dcd3d0443082ff51c00f6eb31df45522d7e0c8070b7a2c42e
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6900.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:04 GMT
content-type: image/png
content-length: 14213
x-amz-id-2: ihV+3G+LGsjpN2a4pSGW2HiRpCRsnrEyIOwmiTsKyftFKDDBeCcjGeDdxQM/z+cOamzpMXAboMZ3NKEe6WFNLQ==
x-amz-request-id: W0BYSZQHAYZWEVR3
last-modified: Tue, 13 Aug 2019 15:10:25 GMT
etag: "ee083ae525cfe5b27ef66189306a13e0"
x-amz-version-id: UJ9fHxG8xLLdZ3WlYgnjAhZOt6WvPG6X
expires: Sun, 04 Dec 2022 08:47:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/8b7be1b0.modern.js
8.254.252.212 200 OK 636 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/8b7be1b0.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (1340), with no line terminators
Hash 55e30e6fb6ed604037ed6603f226b8c0
ff090d9c11ea920ab1692251d3609d2aa5568438
d723d5816bccb803de943808587e9e0609593f209b0eb395b36ccb59e9343898
GET /_nuxt/desktop/default/8b7be1b0.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 636
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-27c"
expires: Sat, 03 Dec 2022 21:38:03 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40142
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b25b894b.css
8.254.252.212 200 OK 418 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b25b894b.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (907), with no line terminators
Hash 0ba2188224f315df6562e1955bce1f38
067e1310d27d823be723ec7b1a130b2b10b3a38d
e8a30381a28d76b7c1de7336ef990e8ef330e4c52462eea0d81de9143bb53d11
GET /_nuxt/desktop/default/css/b25b894b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:05 GMT
content-type: text/css
content-length: 418
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-1a2"
expires: Sun, 04 Dec 2022 08:29:58 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1038
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetSportsShortZip?lng=ar&gr=285&country=137&virtualSports=true&groupChamps=true
178.253.14.166 200 OK 3.6 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetSportsShortZip?lng=ar&gr=285&country=137&virtualSports=true&groupChamps=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13060), with no line terminators
Hash b6106bd218373fefa68d1b3902726065
1a54b1f206c7de6d0c4fb2d3723c4e9c3974ffb3
8190797363c8f7b1c90726bc5af2ea06bb4794123967186729748d59a41654bb
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetSportsShortZip?lng=ar&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:05 GMT
content-type: application/json; charset=utf-8
content-length: 3590
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/GetSportsShortZip?lng=ar&tz=3&country=137&virtualSports=true&groupChamps=true
178.253.14.166 200 OK 2.6 kB URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/GetSportsShortZip?lng=ar&tz=3&country=137&virtualSports=true&groupChamps=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (7510), with no line terminators
Hash 5b3a0e5fceed905cfbcdc1bb95e41ebb
e285c001e4fe8dea498896be95e46152bf2a5d96
888e1f3f444f6140cebac62b19ff4abb533eda4b422f4ad9c458e30142f2ea47
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/GetSportsShortZip?lng=ar&tz=3&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:05 GMT
content-type: application/json; charset=utf-8
content-length: 2630
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 388c91a58c606964ca6323aa9917dd36
b660a689686ad234215b51e98605294e87257e2c
a5e5d71fc0fab23ed4020cddb500e5b950cb4a4b84faa27c2807694f87b29d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3728
Cache-Control: max-age=97777
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:47:06 GMT
Etag: "6389d96b-117"
Expires: Sun, 04 Dec 2022 11:56:43 GMT
Last-Modified: Fri, 02 Dec 2022 10:54:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 388c91a58c606964ca6323aa9917dd36
b660a689686ad234215b51e98605294e87257e2c
a5e5d71fc0fab23ed4020cddb500e5b950cb4a4b84faa27c2807694f87b29d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3728
Cache-Control: max-age=97777
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 08:47:06 GMT
Etag: "6389d96b-117"
Expires: Sun, 04 Dec 2022 11:56:43 GMT
Last-Modified: Fri, 02 Dec 2022 10:54:35 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 279
suphelper.com/widget/injector.js
104.16.43.72 200 OK 65 kB URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
File type Unicode text, UTF-8 text, with very long lines (38365)
Hash 5515779393cd873a3069f584f18c8fbf
8559d5e930619ba4b975192ffe2fa87a14a494f9
efda28a8ca12cc9790d7bb3c59e696cd5b910fa4d72727a3371e6773763793d0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-e69da972-5c83-4067-8339-90d3f52d256e' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 02 Dec 2022 12:57:18 GMT
etag: W/"28e6c-184d2e9a3b0"
vary: Accept-Encoding
cf-cache-status: HIT
age: 286
server: cloudflare
cf-ray: 773b091efa00991b-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 28182
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/api/converslon/load
178.253.14.166 200 OK 2.5 kB URL HTTP/2 lite-1x36781678.top/web-api/api/converslon/load
IP 178.253.14.166:0
Hash c7a11d8ff1ca949c3ce20779037e3a85
1b2419788b7b02887e4f0b08ca9968d6c823442e
b2f2479b564d15143d12cc8c33e7ba97f366eb07f1b79d6ca3e6a13a2507cbc0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:59 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=19, dt_285;dur=21
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/api/internal/v1/proof_of_age
178.253.14.166 204 No Content 0 B URL HTTP/2 lite-1x36781678.top/web-api/api/internal/v1/proof_of_age
IP 178.253.14.166:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
cache-control: no-cache, private
server-timing: p;dur=29, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=ar
178.253.14.166 200 OK 956 B URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1808), with no line terminators
Hash c2b2016dae50d2865d4dda3d5eac3575
347fbed756f39c6db96a5a3a7a15079e4c5b1c28
27cf343b630b6707c52ae015cfa32816e9c12cb131ec4bddfd07bf9ada8bc6e9
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=0; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/json; charset=utf-8
content-length: 956
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar
178.253.14.166 200 OK 932 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1574), with no line terminators
Hash da1d9f6e79c746d1f13561792d231c7e
5e1936c8a464d87cd3d95ae25d2336dcce346132
967f094a9b6c46e0bffd7533988689fb3c2777c73b0aabd0d096903126f29c9a
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetLiveExpressExtendedZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=0; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/json; charset=utf-8
content-length: 932
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=ar
178.253.14.166 200 OK 1.8 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=ar
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5061), with no line terminators
Hash 04a9fd30d9c84c228dbd26931f254404
7264857a719bf6d925416274513e84d7dfa5e9f9
aab9dd35f8e9a1f0f44a300cbe6a991c6c6f06be44215a2711add47f678b18d0
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=0; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/json; charset=utf-8
content-length: 1804
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (41244), with no line terminators
Hash e847fde0c2d9d60a2776aa84a6d38fbf
9bd1c4980ba2ed507c8b9736ee11da096e52b334
32fbd87f00cffdfb34c4698f8a0a759d4d2f6cb253a13e6b3485ef8c431d0c02
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=ar&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=0; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/json; charset=utf-8
content-length: 10042
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/3ef07b7dec601ea9ea100e8da8fd0a3f.jpg
8.254.252.212 200 OK 233 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/3ef07b7dec601ea9ea100e8da8fd0a3f.jpg
IP 8.254.252.212:0
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Size 233 kB (232658 bytes)
Hash f3fcb6c797fac9e229b871a32c34fab4
1aa1508e3c51bdf83a6b2765e911523b23503762
958088f24f00cfa9ce6bf497c04e7edce8a600fa742d013bcdecf5c2420eaf1f
GET /genfiles/cms/1/desktop/banner/3ef07b7dec601ea9ea100e8da8fd0a3f.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: image/jpg
content-length: 232658
cache-control: public, max-age=120, s-maxage=600
etag: "f3fcb6c797fac9e229b871a32c34fab4"
expires: Sat, 03 Dec 2022 08:45:01 GMT
last-modified: Fri, 18 Nov 2022 08:31:59 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 257
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg
8.254.252.212 200 OK 87 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg
IP 8.254.252.212:0
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Hash 958a144b9e1cd97fffac85706e6f8dcc
69e1af1e6a75c3bf72054c6e28553bbc00fdd85a
0462910f09410d2c7053eccc7eb2f8bf259e5171f3ff9e877f98ba57ff9547ba
GET /genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: image/jpg
content-length: 86990
cache-control: public, max-age=120, s-maxage=600
etag: "958a144b9e1cd97fffac85706e6f8dcc"
expires: Sat, 03 Dec 2022 08:41:16 GMT
last-modified: Mon, 12 Sep 2022 12:33:24 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 481
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg
8.254.252.212 304 Not Modified 0 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg
IP 8.254.252.212:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/db4e18e99aa6e3a7b565146697a92643.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
If-Modified-Since: Mon, 12 Sep 2022 12:33:24 GMT
If-None-Match: "958a144b9e1cd97fffac85706e6f8dcc"
TE: trailers
HTTP/2 304 Not Modified
date: Sat, 03 Dec 2022 08:47:06 GMT
cache-control: public, max-age=120, s-maxage=600
etag: "958a144b9e1cd97fffac85706e6f8dcc"
expires: Sat, 03 Dec 2022 08:41:16 GMT
last-modified: Mon, 12 Sep 2022 12:33:24 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 481
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/bdfd1109fdf8b4b43edc5b6d45af46d2.jpg
8.254.252.212 200 OK 141 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/bdfd1109fdf8b4b43edc5b6d45af46d2.jpg
IP 8.254.252.212:0
File type JPEG image data, progressive, precision 8, 1380x248, components 3\012- data
Size 141 kB (140730 bytes)
Hash dba8f886dc400b4e182cc98eeaf149a6
b6d02c1291cdf276c32c95d2f55fa87ce39e6db9
d8d37f344ad701d9d8a4b424efc7f00a2ec2b94b3f9284a929179b39c7d9c970
GET /genfiles/cms/1/desktop/banner/bdfd1109fdf8b4b43edc5b6d45af46d2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: image/jpg
content-length: 140730
cache-control: public, max-age=120, s-maxage=600
etag: "dba8f886dc400b4e182cc98eeaf149a6"
expires: Sat, 03 Dec 2022 08:47:36 GMT
last-modified: Fri, 28 Oct 2022 10:45:34 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 100
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/2b0549fdaffbe63aa1982e209e0acb7e.jpg
8.254.252.212 200 OK 46 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/2b0549fdaffbe63aa1982e209e0acb7e.jpg
IP 8.254.252.212:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x248, components 3\012- data
Hash 0c774d051a9a15f3392f411d2bee4f1b
1d0ce594bde1ce653836b67cfa75fe7962d702bb
be101cff57c0dda8bf6b102e25749037c7e5f5a9046a758c1e4189ffed15cf56
GET /genfiles/cms/1/desktop/banner/2b0549fdaffbe63aa1982e209e0acb7e.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: image/jpg
content-length: 45802
cache-control: public, max-age=120, s-maxage=600
etag: "0c774d051a9a15f3392f411d2bee4f1b"
expires: Sat, 03 Dec 2022 08:39:28 GMT
last-modified: Tue, 04 Oct 2022 09:20:11 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 587
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/0c87fbd20483dc3e670eded5d6c41be9.jpg
8.254.252.212 200 OK 204 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/0c87fbd20483dc3e670eded5d6c41be9.jpg
IP 8.254.252.212:0
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Size 204 kB (203640 bytes)
Hash 7b0d5e7f31f6a0d389a04b6ed7105aea
019912ca3f99fa27c0df589a17f340d7193c883a
e7c62d07711fd6333cca7f477f7edff557f9ccb9a8de7e9d05a37edf8b06fcc2
GET /genfiles/cms/1/desktop/banner/0c87fbd20483dc3e670eded5d6c41be9.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: image/jpg
content-length: 203640
cache-control: public, max-age=120, s-maxage=600
etag: "7b0d5e7f31f6a0d389a04b6ed7105aea"
expires: Sat, 03 Dec 2022 08:41:38 GMT
last-modified: Mon, 21 Nov 2022 11:00:19 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 513
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/weblightapi/getpopulareventparams
178.253.14.166 200 OK 135 B URL HTTP/2 lite-1x36781678.top/web-api/weblightapi/getpopulareventparams
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5c26c254dd91604cb09e313aeb76c97b
3fe45e62e8ea6f629fad136f1946269467c4be3a
76a0c5e4f9685fbb79090bec86e53a1b65b60848a993c8a24711c00b772d77d4
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/weblightapi/getpopulareventparams HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=0; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:06 GMT
content-type: application/json; charset=utf-8
content-length: 135
server-timing: dt_285;dur=51
set-cookie: is_rtl=2; expires=Sun, 03-Dec-2023 08:47:06 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/v3/banners?project_id=285&country_code=MY&language=ar&platform=2&section=6&date=2022-12-03T08:47:03.356Z&is_auth=false&limit=100
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/web-api/external-api/v3/banners?project_id=285&country_code=MY&language=ar&platform=2&section=6&date=2022-12-03T08:47:03.356Z&is_auth=false&limit=100
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/v3/banners?project_id=285&country_code=MY&language=ar&platform=2&section=6&date=2022-12-03T08:47:03.356Z&is_auth=false&limit=100 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280; is_rtl=2; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670074997; che_g=34936142-c928-791a-31f0-54b71075fef8; ggru=167
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:05 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=65, dt_285;dur=66
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=ar&fCountry=137
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=ar&fCountry=137
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=ar&fCountry=137 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/ar
Cookie: platform_type=desktop; SESSION=d549984bf756b90237404bbbe6ba5b98; lng=ar; auid=sv0OpmOLDQF4oCIlA/qqAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:47:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=83, dt_285;dur=86
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/ar
178.253.14.166 200 OK 0 B IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /ar HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 08:46:57 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=1367;desc="Nuxt Server Time", dt_285;dur=1375
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 06 Dec 2022 08:46:56 GMT
SESSION=d549984bf756b90237404bbbe6ba5b98; Path=/; HttpOnly; Secure; SameSite=Lax
lng=ar; Path=/
auid=sv0OpmOLDQF4oCIlA/qqAg==; expires=Sun, 03-Dec-23 08:46:57 GMT; path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2