Report - 1xlite-277345.top/bonus/rules/1st

Report Overview

Submitted URL
1xlite-277345.top/bonus/rules/1st
IP
178.253.15.12
ASN
#0
Submitted
2023-02-04 20:55:09
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
v3.traincdn.com	unknown	2022-11-25T11:00:40Z	2023-03-13T05:11:39Z	54 kB	2.3 MB	8.247.219.122
radar.cedexis.com	3035	2013-11-27T03:31:43Z	2023-03-13T07:56:47Z	374 B	19 kB	45.54.49.5
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-13T08:02:41Z	608 B	593 B	64.233.161.154
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	682 B	1.2 kB	93.184.220.29
1xlite-277345.top	unknown	2023-02-02T13:59:58Z	2023-02-13T02:20:10Z	26 kB	567 kB	178.253.15.12
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.76.226
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	374 B	21 kB	142.250.74.46
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-13T05:09:18Z	726 B	448 B	216.239.34.36
suphelper.com	156440	2019-10-30T16:54:02Z	2023-03-13T06:54:15Z	369 B	1.5 kB	104.16.43.72
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	1.9 kB	104.18.32.68
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	59 kB	34.120.237.76
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	44.239.226.203
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.0 kB	60 kB	142.250.74.35
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.7 kB	3.5 kB	216.58.211.3
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	548 B	2.5 kB	142.250.74.106
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	416 B	80 kB	142.250.74.168
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-02-04 20:55:35	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-02-04 20:55:35	medium	Client IP	178.253.15.12	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (31)

	URL	Size	First Seen	Last Seen
	1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js	28 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash bcf708ea12cf258e53ecaa175e549ca9 6dea599cc1c688f59b4427bce44d793a7856b15e f4886b932ff173ec85ecf67d6fc2f88fcde29250f6b1a1215a4c88ee67fd4a6f Loading...

	1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js	8.7 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash fc3e2a17f418aea8db0eabacb1428c35 c682927e24681f0eb30eb769da66f98c9f847b26 cf195ee48c28c74794c5d340a789978a3fa6ca9b362b30fe2dde718f7f823fc2 Loading...

	1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js	22 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:31:07 Last Seen2023-03-13 17:57:38 Times Seen1 Hash 0fbdfb630d08b41a66f8a7c321434509 b4775e425cf153712800e7268caaccf704855ca0 7b22ced5970dae24d994ec67e37c99ed62a7ba7a38dfc6815b3e319b16cc7fd0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js	2.5 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 2d7f3e18002db799ea1180e1fea22400 9af526ef86557758007c7822e9785dcb9100e052 3ba32eaf20dbcaa68822df08c9421ba39f1bc69e44daa99820266eeb669b1cd1 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 16:32:04 Times Seen37066708 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js	9.0 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:51 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 5f42eebfdd57d757f62c74701b1c2da0 e648b58190e3d03eb2841daa055865d55fdc1613 562db10d1585e578275d23612a6917e9ba7258364a880c9b984dcb55c6e93142 Loading...

	suphelper.com/widget/public/bundle.c7b8b65c246801981786.js	214 kB	2023-03-12	2023-03-14
Pretty URL suphelper.com/widget/public/bundle.c7b8b65c246801981786.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:54 Last Seen2023-03-14 08:46:50 Times Seen1 Hash 7edc2f805c257b70e5f1ef7065890036 04e3e17225614d16c71e8a82546b5cd0505c6f29 8d79aab7990b145da9069efcb28cc03a284310968f825733ff7d349ef8669937 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js	58 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 0fc02944b5f07f4e272bc7a8455bbb72 9937b32a2e35749bd24aa37404b999827f6dc597 6fa13c27a84066eb48ce69564c6b0bb81cd698f1cb1b9c42168f42e87750da44 Loading...

	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1672737829554	11 kB	2023-03-07	2023-03-25
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1672737829554 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-25 23:59:37 Times Seen9 Hash 6a9b24361d21ec5751af0bf2964d4fc6 bc058466f4b7e91d55996f239557466561efed62 5b493621ae5785f78b83a4ac33f8df4a055ed1621e2b9fa417f5942029975302 Loading...

	1xlite-277345.top/en/bonus/rules/1st	677 B	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/en/bonus/rules/1st IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 17:02:21 Last Seen2023-03-13 17:02:21 Times Seen1 Hash d7336e803d4fbd1cba81079ba7fdceec cc759312be508f24954f5dcf60133dfba8a8d91d 46893f6aedaef467efd6ddb3b1ad4dcaa273a71ce1818553a63b28e052a5f240 Loading...

	1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js	27 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:31:07 Last Seen2023-03-13 17:57:38 Times Seen1 Hash 2b5d2b9cd2b3fd62de32dee147b76492 df59d9177c06416cd22ca0e193d917b36a2fd8e2 39cd86145e52d3d1aa08fd980c1b0f66b8101d35d4e687921c6a638b1fd6dd27 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	1xlite-277345.top/en/bonus/rules/1st	180 B	2023-03-12	2023-04-01
Pretty URL 1xlite-277345.top/en/bonus/rules/1st IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 14:14:11 Last Seen2023-04-01 10:25:05 Times Seen13 Hash e5e49da81c9a59ee3cd9062fa8603147 5898039d5f6f0e84ece411f1ca8887491db3bc6b 624f628065f7620544f214d63746bf0113e999d881e32554c32dfb9b217313d6 Loading...

	1xlite-277345.top/_nuxt/desktop/default/plugins.vue-js-modal-a8cad600.modern.js	26 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/plugins.vue-js-modal-a8cad600.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 8e6a8c74193bbc90637d1cce0180745d 00527eb84e75d7f5d2fc0687aa2ad39e5e4a18d4 0a1c281034de23c4fbd84f746f9656b851a337e183896d61e87b92a53feaa4c6 Loading...

	suphelper.com/widget/injector.js	168 kB	2023-03-12	2023-03-14
Pretty URL suphelper.com/widget/injector.js IP 104.16.43.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:55 Last Seen2023-03-14 08:46:50 Times Seen1 Hash 705b743c50a8ce85d13e777bacf9b4dd d1dd64dce493bd9b50552d23d949561de5574999 3f838769c403a76e92fc459d87a640634338c264e6b8293a3133e4582100d804 Loading...

	v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js	750 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 18:52:50 Times Seen1 Hash 2b4c8a7569f9b849b3b9eacf6daa5766 2082b436f5bdb198aafe47db9e22f4ed3d976620 8573d44387a0ed1f7ca8ebceafcc715ec904f6dff57063b07ab56252f93aea85 Loading...

	suphelper.com/widget/public/chunk.0e784b6d22ea4f47c4cb.js	1.4 MB	2023-03-12	2023-03-25
Pretty URL suphelper.com/widget/public/chunk.0e784b6d22ea4f47c4cb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:55 Last Seen2023-03-25 23:59:37 Times Seen10 Hash 7e7d49dbadec83f0c94eeffbb33ca2aa eb9913f857000aafb2ed501f635aa94f5bacb3b0 f68513b9007a1261a958941ec1eb8857fd0259609565fdf5e5b5c8d9e77aeab4 Loading...

	1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js	21 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:31:07 Last Seen2023-03-13 17:57:38 Times Seen1 Hash b99c61c63946972f996cd922c5c2e2fd ef482f575d122f662b819b2493f047e4f3f6568e 0ae416408a135cd8d87ae711359e4f86b69af2b9b4ca118778719e3c996bf19d Loading...

	1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js	12 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 16:31:07 Last Seen2023-03-13 17:57:38 Times Seen1 Hash b06a2a626a520f71ce779d0399721d04 aa80364e6a9acd96db4035ffeb51c60a33904897 1c6dd68726aac2e6ce146179f9cdfa043fe2db1c169f70a95f4bd1af26d91b3d Loading...

	1xlite-277345.top/en/bonus/rules/1st	313 B	2023-03-07	2023-04-01
Pretty URL 1xlite-277345.top/en/bonus/rules/1st IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2023-04-01 10:25:04 Times Seen15 Hash 494ab8c88e9a8cfd9aa511a663c925c6 4816e303ad4a09ef00d54305b7b9e2e51c9bff4e 9de249453f6780a3274d7fae16d04d230aa9a5b70b57c7d094bbd764ceb8cf4e Loading...

	1xlite-277345.top/en/bonus/rules/1st	795 B	2023-03-08	2024-02-13
Pretty URL 1xlite-277345.top/en/bonus/rules/1st IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:50 Last Seen2024-02-13 14:23:26 Times Seen2399 Hash d142026b9af7316cb97a9331199c8cf2 4ffe70e80a10f689006b1e3a518019fdc077f2b2 519b6d15761517d0ecc72fb32c0e4c6479ed232c8cd01985a3bd963a26233a9f Loading...

	v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js	2.5 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 006d5f977f111481cabfd29ee571c91c 3411661086755c3065c1f3a3003bc2d128bcdd35 099d289220c8df17635482e80abe63ee08efafe71031fc74975cdda0dcbdf461 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.media-4266d4d5.modern.js	19 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.media-4266d4d5.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash c3fd2cf58d12c27c22777dfc6d7de1c3 6f150004951982da5bd4fa259f0a82d991d7e79d 0a11e43230a5fa93a283f686fd177751cdf1d39030d3d3554f57070e0b030ef3 Loading...

	1xlite-277345.top/en/bonus/rules/1st	136 B	2023-03-07	2024-02-06
Pretty URL 1xlite-277345.top/en/bonus/rules/1st IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2024-02-06 18:07:50 Times Seen281 Hash 1d82394dbefeb520c846a4f8cd04f272 386231475cfc8d025bbf876b5968e2188e294d1f f550e68574bcfe2c9b2cbc83dedaa5eefecd539867e7eaafbbd4511b8d66ba03 Loading...

	v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js	40 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:52:56 Last Seen2023-03-13 18:54:01 Times Seen1 Hash cea4d9da923a6aa45787ffa9aa9b3248 e103f54c034121ca8c64a48cac76995260c7c011 3d3165101f7bff8a1c92b3fd435e26adb57b3fbdcbaec262cb78887bd9e2d89a Loading...

	1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js	12 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js IP 178.253.15.12 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 1c4d4ca15ac9a7c76413640482662c1c 5b188dd909fb7de387c9e0fa3ac2e8e0f4e3c8cb e098a66e9bf975b7dd6646d7d9c411e79ad828bdc54e85b7e33fbb301a3abeaf Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js	14 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js IP 8.247.219.122 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:38:52 Last Seen2023-03-13 21:11:12 Times Seen1 Hash 8fc1ba0bb0214c9b1cf05a7ec7ce048c f0c95e469bb139467752e1898c3ba9c6e474ff1e 2f59ab0be0c100eeab962e392b8cbfa95518b4481ac6b00e18ac97954590c2eb Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7bcccdd17491d63ca62b6b131cc314af	15 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 17:02:21 Last Seen2023-03-13 17:02:21 Times Seen1 Hash 7bcccdd17491d63ca62b6b131cc314af e212169aa62e1f842484efd03f6fc27c59f0f092 2621703e411a8246c71e12f1ac03e4fb327086572db31ffe5f338073dc65ad5a Loading...

HTTP Transactions (199)

URL IP Response Size

1xlite-277345.top/bonus/rules/1st

178.253.15.12

301 Moved Permanently

162 B

URL HTTP/1.1
1xlite-277345.top/bonus/rules/1st
IP
178.253.15.12:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 20:54:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1xlite-277345.top/bonus/rules/1st

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3616
Expires: Sat, 04 Feb 2023 21:55:14 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Sat, 04 Feb 2023 22:47:22 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14447
Expires: Sun, 05 Feb 2023 00:55:45 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 20:43:39 GMT
content-type: application/json
age: 679
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: LpQnMjF5yNbxcjK73gOssVz7CqBIRp9W1b8HSeMyzfjtCVNcKEmKnl0x90T09fxbDbl4s0yvtyA=
x-amz-request-id: Q3KNVP95853JVSAP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 20:52:58 GMT
age: 120
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b6575ab2d48f1828d572e7704f5b7e40
9fc0564dd4f4ad5d41f611542eda099d79e660b8
9c2e62a06020716a64a4eb80baf107a62e17dac282bc143c0e4df66f848bb9e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C2E62A06020716A64A4EB80BAF107A62E17DAC282BC143C0E4DF66F848BB9E0"
Last-Modified: Thu, 02 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=91
Expires: Sat, 04 Feb 2023 20:56:29 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 20:07:19 GMT
age: 2859
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Sat, 04 Feb 2023 21:58:26 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive

push.services.mozilla.com/

44.239.226.203

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.239.226.203:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wCYHJEyScXcX/YYQf27G2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: npR9pRHCwSglH685gg54hR9x8E4=

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dcd8c82da2ec392cc7fd83d81e5f415b
3e3420209787577f2b3b1203dc2bd049fc74728d
739e0053a05a04cd2113c3e3d84b6261a6f516cdcce21aeaa866243543f6db3c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 20:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 03:03:03 GMT
Expires: Thu, 09 Feb 2023 03:03:02 GMT
Etag: "3e3420209787577f2b3b1203dc2bd049fc74728d"
Cache-Control: max-age=367082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79464e00be54b4f4-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
dcd8c82da2ec392cc7fd83d81e5f415b
3e3420209787577f2b3b1203dc2bd049fc74728d
739e0053a05a04cd2113c3e3d84b6261a6f516cdcce21aeaa866243543f6db3c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 20:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 03:03:03 GMT
Expires: Thu, 09 Feb 2023 03:03:02 GMT
Etag: "3e3420209787577f2b3b1203dc2bd049fc74728d"
Cache-Control: max-age=367082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79464e00be250b65-OSL

v3.traincdn.com/version.json

8.247.219.122

200 OK

44 B

URL HTTP/2
v3.traincdn.com/version.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text
Size
44 B (44 bytes)
Hash
2ff0903e2cf1934343d552ae57e72026
4ba867a032cfd0e85d695429de231d14c4c4dd56
ffa5642106dbd12dea7a3bd3a05ec8c1a34a9ce87385221b32f65da552cd631d

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63dd300c-2c"
expires: Sat, 04 Feb 2023 20:55:54 GMT
last-modified: Fri, 03 Feb 2023 16:02:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/d1370efa.css

8.247.219.122

200 OK

42 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/d1370efa.css
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41552 bytes)
Hash
a879f84cec3460f101ef164f914a9c6f
f9c1cd31b3f1bb847245c18e7209811719160ad3
7bc187d468cfe2a86bce9d834d0e952076e2ed028e7dd748fdabd2665de0718d

HTTP Headers

GET /_nuxt/desktop/default/css/d1370efa.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 41552
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-a250"
expires: Sun, 05 Feb 2023 07:48:17 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47203
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.106

200 OK

1.9 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.9 kB (1910 bytes)
Hash
6d7fea20d77b819b58adadbbdda13e09
fd5853ef4bdcacd6709bca03c26da90b049c6ad1
a1d4c5dd1e34e70339ef4de3bc3de6ed69aeca18fcfd217612c00937c61f40e3

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 20:54:58 GMT
date: Sat, 04 Feb 2023 20:54:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/5f146d7c.css

8.247.219.122

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/5f146d7c.css
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (12852 bytes)
Hash
e639fe968ccd7c0c724bb3e017f6a1b0
ba2ad1f65f65cb90ee56a5e9440250addeb0222a
0cfa37dbc1cfd74f9a7b6b3c6fd54ddb921dbdd0c6f857775b2b3bd381a6fa7a

HTTP Headers

GET /_nuxt/desktop/default/css/5f146d7c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 12852
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-3234"
expires: Sun, 05 Feb 2023 12:28:16 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30404
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png

178.253.15.12

200 OK

352 B

URL HTTP/2
1xlite-277345.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP
178.253.15.12:0
ASN
#0

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

HTTP Headers

GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
expires: Fri, 03 Feb 2023 12:55:50 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js

8.247.219.122

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (39801), with no line terminators
Size
13 kB (12699 bytes)
Hash
d273b47723ce561b91af027e29cbfdbf
550c74205ef72b7b22fca464adf38742c473597c
e0b5db6ac487049158c077bc93cad89e515b379556c6b23fc5e97f4b4efeefbd

HTTP Headers

GET /_nuxt/desktop/default/runtime-74f9911d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 12699
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-319b"
expires: Sun, 05 Feb 2023 13:04:05 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 28256
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/app-9a3fc913.modern.js

8.247.219.122

200 OK

86 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/app-9a3fc913.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65476)
Size
86 kB (86118 bytes)
Hash
c290898569357af9f18833ab57cf7b68
fca8801b14f3943b8917555946e096633eced15d
b4781a3e1ea974324860261d3977ae149747115fcc053c7dde75b0fb617a9473

HTTP Headers

GET /_nuxt/desktop/default/commons/app-9a3fc913.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 86118
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-15066"
expires: Sun, 05 Feb 2023 07:48:17 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47204
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 514380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js

8.247.219.122

200 OK

216 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65396)
Size
216 kB (215714 bytes)
Hash
0e97c99f75258fc41467962d8c2855f5
c2d00bee098c824612fd032c0b723e03f8bb63a8
f8f0e24867d731be762057259277c46d1ecf0d568b3a0dac959866d9e0b0e9c1

HTTP Headers

GET /_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 215714
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-34aa2"
expires: Sun, 05 Feb 2023 07:48:18 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47203
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8211 bytes)
Hash
114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 07:29:26 GMT
age: 48334
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9141 bytes)
Hash
f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 82733
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.2 kB (5174 bytes)
Hash
e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 82474
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8527 bytes)
Hash
6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 82156
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 52496
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10253 bytes)
Hash
392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 82179
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js

178.253.15.12

200 OK

4.6 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4563 bytes)
Hash
cc11d5b7bbd6e6858509feadbced10ce
92de5487b90e66565d1f62ad03cd40c0506c4b30
8272e7505b2d95de0730eb394dae39e1b31e4cb0fc99d0b45964d0e7afef2e46

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 4563
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-11d3"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js

178.253.15.12

200 OK

22 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (65476)
Size
22 kB (21836 bytes)
Hash
5dc25e067ee5924700e409963eb73cb1
7e2a61e3fb985b4af152335770f4854398bc8512
cbb81eff45780ffd409ada8dad098b3c9c910b1e5a2b5dbea9d64cc8fe0e3d49

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 21836
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-554c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js

178.253.15.12

200 OK

7.1 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js
IP
178.253.15.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (27736), with no line terminators
Size
7.1 kB (7133 bytes)
Hash
85f1ac0f3222f7d168751928aae86e87
e8dcd0189e3c61f0d451ba23829bdf34c75876b1
11264af04447d2c1a0202168ee9278d09031c8764205b3f5938a78c84024d148

HTTP Headers

GET /_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 7133
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-1bdd"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/css/328d4387.css

178.253.15.12

200 OK

2.2 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/css/328d4387.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (18385), with no line terminators
Size
2.2 kB (2197 bytes)
Hash
929aca40e43201b0f3257a0ced9e8813
fd964d7adfac6b709cad92fdddb7d207fd57ec05
429c3d3ba9a039180694733cda6d2e09c5b6dc5b088c3acb252b46ca9f9c2baf

HTTP Headers

GET /_nuxt/desktop/default/css/328d4387.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 2197
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-895"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js

178.253.15.12

200 OK

2.5 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (8713), with no line terminators
Size
2.5 kB (2528 bytes)
Hash
8f17e5337b0f196e380b7c440da630f9
b5acc24b3eef7cbd560b814941aee6ef9ad45e8d
65968e0a70f0ecba8b9c42ebc5cd8dabbb6577b399b9a556ebda86bbbd244cfc

HTTP Headers

GET /_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 2528
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-9e0"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/css/d849a619.css

178.253.15.12

200 OK

865 B

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/css/d849a619.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (4739), with no line terminators
Size
865 B (865 bytes)
Hash
4e1dc12d0c413758d244b310695e9bdb
4f61ac3973c05afddaf56166e37ea00d0120d1e2
e88b057b78765e19d92938195dd0f86aefb55b7813e8492b5e8ffb8c82a593c4

HTTP Headers

GET /_nuxt/desktop/default/css/d849a619.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 865
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-361"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js

178.253.15.12

200 OK

6.6 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js
IP
178.253.15.12:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (20477), with no line terminators
Size
6.6 kB (6643 bytes)
Hash
43950871ddb92bc0998ec328688b92ea
96dcf9f0b116e8dc52f78287df13e3a6e028e32c
d78c700e75ecfaa77c5a38ff10f60d34c4b7c6e39b6dfa1148aef2788cd9273c

HTTP Headers

GET /_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 6643
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-19f3"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js

178.253.15.12

200 OK

7.2 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (26619), with no line terminators
Size
7.2 kB (7184 bytes)
Hash
6c9d6059443cd47312c41ce82a6c6d62
b41c02316cab5d65f7a1a5ba3c09e5c9ac87df5b
67fb0162f4be1fd3948fb4c6971a953c989f4ec4d639805b8b239a2ace95585d

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 7184
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-1c10"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/css/f6cdbb44.css

178.253.15.12

200 OK

796 B

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/css/f6cdbb44.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (3255), with no line terminators
Size
796 B (796 bytes)
Hash
d680af5ca1534d0b85966227a011588a
7cd91408dfe2f679dbccd543fb2a6bc84f15741e
75bcd2b688baa1237c656bc1dd2b4effa502845b7d851e870fac77386e810637

HTTP Headers

GET /_nuxt/desktop/default/css/f6cdbb44.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 796
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-31c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js

178.253.15.12

200 OK

4.0 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (11739), with no line terminators
Size
4.0 kB (3972 bytes)
Hash
fd3fcb8447772803055c9a1713c265ee
7f398e8ae4a6ea3ecb7f59bdb490127ec3d38c8d
1800ce170f2e6bbbbb172505ed66457d6a8776fea9d5f61a65a879134af95b70

HTTP Headers

GET /_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 3972
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-f84"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/css/b3c07b1b.css

178.253.15.12

200 OK

1.7 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/css/b3c07b1b.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (10923), with no line terminators
Size
1.7 kB (1655 bytes)
Hash
efd54ab0c29f11490b448521d8891164
49ce47d5a482b69b5495a50b39798d9fb6228cc1
e506963127e23229d92dd94ef65cfae4ddbb98fa34cfb5e3464c8fde4796f792

HTTP Headers

GET /_nuxt/desktop/default/css/b3c07b1b.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 1655
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-677"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js

178.253.15.12

200 OK

6.5 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (22431), with no line terminators
Size
6.5 kB (6521 bytes)
Hash
d78659e6e7aae86d8d5c2451752c1c55
00df90fcb2c548d3b3ed254acfef489656762385
c208a0a3cfbf373a1c4ac84432d53b87b475736e5ad43c80efefce92a3bc13ca

HTTP Headers

GET /_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 6521
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-1979"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858

178.253.15.12

200 OK

145 B

URL HTTP/2
1xlite-277345.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Sun, 05 Feb 2023 20:55:00 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/pwa

178.253.15.12

200 OK

15 B

URL HTTP/2
1xlite-277345.top/pwa
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

HTTP Headers

GET /pwa HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=18
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/css/f9d99aa7.css

178.253.15.12

200 OK

943 B

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/css/f9d99aa7.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (3303), with no line terminators
Size
943 B (943 bytes)
Hash
e4fd04067fd4cb615dafb76ce8c62729
1ba7bf93e0a2a8f316add4efd676d7268b4e7f6d
7dbd3f29a56002bfe747432dc14ef29fabf8556fc7998c85ee5a32b945d083f0

HTTP Headers

GET /_nuxt/desktop/default/css/f9d99aa7.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: text/css
content-length: 943
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-3af"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/frontend-api/site-conf/getLangs

178.253.15.12

200 OK

19 kB

URL HTTP/2
1xlite-277345.top/frontend-api/site-conf/getLangs
IP
178.253.15.12:0
ASN
#0

File type
data
Size
19 kB (18723 bytes)
Hash
5906dd68b88a58405858eff37816751d
b693bee576a51947c2b0e71f14651f126851c3d7
45d68af92f0a9d2105c149a589eac5f95c7e3c687fca76b17b9cf01696ab5290

HTTP Headers

GET /frontend-api/site-conf/getLangs HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
etag: W/"103a-kvktpoX4jjo8MYK8JJV3xSQ+q/M"
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js

178.253.15.12

200 OK

2.6 kB

URL HTTP/2
1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (9012), with no line terminators
Size
2.6 kB (2644 bytes)
Hash
7f71df8e5905c322b3d249323ff3f6a9
7e3d1e624bc7f16f2f6b3239bcdb5cbcef86e743
f687321546ec2f899f7652ec7d2b49f0f53392ebde3d8a9c056b8e28e7170fd4

HTTP Headers

GET /_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 2644
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-a54"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/service-api/DbService/LongCache/GetSports?lng=en

178.253.15.12

200 OK

3.3 kB

URL HTTP/2
1xlite-277345.top/service-api/DbService/LongCache/GetSports?lng=en
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (10161), with no line terminators
Size
3.3 kB (3308 bytes)
Hash
36dab8cc27a156946f6427146666d310
73a5a7895e4ae18f1fe27935943b7ccfd4d13650
2417df8ddfae847cece86ccecb376f1059811c1bc5fcf8091045b23908e05e63

HTTP Headers

GET /service-api/DbService/LongCache/GetSports?lng=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 3308
cache-control: public,max-age=1800
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/internal/v1/blocks/check

178.253.15.12

204 No Content

0 B

URL HTTP/2
1xlite-277345.top/web-api/api/internal/v1/blocks/check
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web-api/api/internal/v1/blocks/check HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
cache-control: no-cache, private
server-timing: p;dur=43, dt_285;dur=48
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js

8.247.219.122

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2509), with no line terminators
Size
1.1 kB (1084 bytes)
Hash
dce8d0096cbc8c992ada35d76b5b0626
567bd5b7a95727ecbf6e69fff0607dd94f21d447
4ae3cfb4ab3e366245dd9c51cb7127ffb0a4f7f3e07e710289a057cfa4cec48a

HTTP Headers

GET /_nuxt/desktop/default/DC-99cae2fc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-43c"
expires: Sun, 05 Feb 2023 07:48:32 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47189
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css

178.253.15.12

200 OK

6.9 kB

URL HTTP/2
1xlite-277345.top/genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css
IP
178.253.15.12:0
ASN
#0

File type
ASCII text, with very long lines (36504), with no line terminators
Size
6.9 kB (6875 bytes)
Hash
4993c46ab4cd5306156dfc3f8f081cf6
84b6c57cc2d383da8ee0dcdeed021f5b5e6fa874
7cdadc4f0cc36c451e15d75195206ac7526c6103b24f36d6e5ea9688626ffe43

HTTP Headers

GET /genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 03 Feb 2023 11:44:04 GMT
x-rgw-object-type: Normal
etag: W/"d932a4ba154cc5607da3166fdb676f78"
content-encoding: br
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/internal/v1/sessions/user

178.253.15.12

200 OK

45 kB

URL HTTP/2
1xlite-277345.top/web-api/api/internal/v1/sessions/user
IP
178.253.15.12:0
ASN
#0

File type
data
Size
45 kB (44966 bytes)
Hash
1c2788de895a01eec1c72b84af336c52
7bda9f5d49ec29c21495e0604f4bf449b6e8fcbc
2b2e3bffb4da1173fe19b898050c3044cc2c6017c53b8a10ded2e7ce5c63d1f3

HTTP Headers

GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=31, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/version.json?timestamp=1675544138780

178.253.15.12

200 OK

44 B

URL HTTP/2
1xlite-277345.top/version.json?timestamp=1675544138780
IP
178.253.15.12:0
ASN
#0

File type
ASCII text
Size
44 B (44 bytes)
Hash
2ff0903e2cf1934343d552ae57e72026
4ba867a032cfd0e85d695429de231d14c4c4dd56
ffa5642106dbd12dea7a3bd3a05ec8c1a34a9ce87385221b32f65da552cd631d

HTTP Headers

GET /version.json?timestamp=1675544138780 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
content-length: 44
last-modified: Fri, 03 Feb 2023 16:02:20 GMT
vary: Accept-Encoding
etag: "63dd300c-2c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 20:56:01 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js

8.247.219.122

200 OK

5.4 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (13485), with no line terminators
Size
5.4 kB (5404 bytes)
Hash
7f06e639dd356a59266d9c9f189ba386
0d6c16ba6360996937d586b90845213cb8bfc025
8a428f94da4415c5199b54e1630690845fb0f14bcb86e1196a0fbd5a946088d9

HTTP Headers

GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5404
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f19-151c"
expires: Sun, 05 Feb 2023 07:48:36 GMT
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47187
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/converslon/load

178.253.15.12

200 OK

6.0 kB

URL HTTP/2
1xlite-277345.top/web-api/api/converslon/load
IP
178.253.15.12:0
ASN
#0

File type
data
Size
6.0 kB (5977 bytes)
Hash
a5f99b6b26781f672431936c654bd018
90e3c521fec9b5cf1346b9bd931509691782c818
bd0a6e14c461ed8578afbc33afe184db6296672f3964d2d0f0e9513aae5192b7

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js

8.247.219.122

200 OK

26 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
26 kB (26241 bytes)
Hash
35d71792c0a2c59cedeb3d5d9026dee4
17fecb3ac077b96043d8783c00e47143dcb0dc1d
4f2f8e80f034a1091f561a49e7ddfc18905ac384041c25aeff7f9aab2730b9fa

HTTP Headers

GET /_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 26241
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-6681"
expires: Sun, 05 Feb 2023 07:48:36 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47187
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c

142.250.74.168

200 OK

79 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (24181)
Size
79 kB (79356 bytes)
Hash
f9bc45c5fc18a6743eea619f185fe5a3
05279ac2480542025ba72e7bbcba559a11f5d910
951531ef24540c59e8fc180c12b90b2ebada5a69507e87e6445e40e344e86911

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 20:55:01 GMT
expires: Sat, 04 Feb 2023 20:55:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json

8.247.219.122

200 OK

18 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (54625), with no line terminators
Size
18 kB (18415 bytes)
Hash
d4d6a4eea0614783818765304da03f46
df737da9b5781485bcf9f15751c9a90143d0eed6
a744d920bd73e39bbb8580511a2bd04fcc9e84a60850fb7308f4d69eade31744

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 18415
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"845619c9ec905724a73e8257d750cdff"
expires: Sun, 05 Feb 2023 15:29:24 GMT
last-modified: Sat, 04 Feb 2023 15:28:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json

8.247.219.122

200 OK

4.3 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (13828), with no line terminators
Size
4.3 kB (4286 bytes)
Hash
700316513eb73d58378f5c97a9377279
855a843cf59d5324793b59e3562e9dca1a23ad57
49fe6ee1e739dc224a158910707c8657f14f1a9494815b4d247779e9eb028463

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 4286
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2ed73d68ee903a45b01ffd3b426f80e0"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:41 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json

8.247.219.122

200 OK

5.4 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (14938), with no line terminators
Size
5.4 kB (5379 bytes)
Hash
55b7565ef2817c68df52561cf23f5110
51d6ab7f596bf4aa98d1ad514f9c57ceb0fc7917
85f0af0811edf27af6b6b896fa99639ec5bbc8fb2094b29aee298b4e29eec442

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 5379
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"834a01076db8c043427a4a7b3885eb44"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json

8.247.219.122

200 OK

2.9 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6946), with no line terminators
Size
2.9 kB (2869 bytes)
Hash
c5627cfc9263bfa46cd4ea5aef248e50
326d8426b11dc1bc0ea392895b9c31972086a4cb
0b69b3a1b1db8abd521f156913ced27c1eead74bf8842da2ac9bed76a40d2ae9

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2869
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"8f5719ed0f4449d144be3d7114924dde"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json

8.247.219.122

200 OK

2.2 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with very long lines (5508), with no line terminators
Size
2.2 kB (2248 bytes)
Hash
5587d36f4a39a6bbf72e1e5d90ee7f74
9ae5fd7df78e0f251b468cfbb9b8589262b10c6b
07f4ce15810c016bda543b1c8e2004c9244da1a5c9d9d8c29f1d2f54b16e4ffa

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2248
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ce5f95fa1fa98ffb6a58678180f4d447"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19542
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json

8.247.219.122

200 OK

458 B

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with very long lines (458), with no line terminators
Size
458 B (458 bytes)
Hash
d9a5e041edcb5b0bb0548005d21838f1
979ea3464de824a694b115b56084a81b5cb51de9
fc107b3add846c6ef1b54e1005a619aaaecca4a3b7b703b4b99ab8777cd3fb13

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 458
cache-control: public, max-age=86400
etag: "d9a5e041edcb5b0bb0548005d21838f1"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json

8.247.219.122

200 OK

983 B

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with very long lines (3277), with no line terminators
Size
983 B (983 bytes)
Hash
0c9367759e3c2171ec341afde4d6e458
03510644aa46afa07fee96a2f619cfcce87d1522
4d77e997c8fc2471be1d5ba8ad7810c860667e9f82b02ccee6d9b9de0bbc490c

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 983
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"bc5ec175338bc45502e15ebdfe6212e2"
expires: Sun, 05 Feb 2023 15:29:24 GMT
last-modified: Sat, 04 Feb 2023 15:28:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json

8.247.219.122

200 OK

2.6 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (8222), with no line terminators
Size
2.6 kB (2574 bytes)
Hash
689ff152b09ec1636a14caf65378de31
4aa4689254470c6eb169756097ace9471e2006ab
ef870cb809ce92fc3f83eb08e75dc21c00389929fcbeae2bd1d718cfe5f48dd0

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2574
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"e6e39c9dc8a9fd5c7d7705ce761f0501"
expires: Sun, 05 Feb 2023 15:30:16 GMT
last-modified: Sat, 04 Feb 2023 15:29:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json

8.247.219.122

200 OK

308 B

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with very long lines (308), with no line terminators
Size
308 B (308 bytes)
Hash
eaea7237ed46548348d734e5785361da
2730a1f181e86add56c027c3ba8a68e38a7c6bfe
f224b7b9eaee9d1bf50508c649983d4aa6cb80777d4fcbfef96db078da931d30

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 308
cache-control: public, max-age=86400
etag: "eaea7237ed46548348d734e5785361da"
expires: Sun, 05 Feb 2023 15:29:30 GMT
last-modified: Sat, 04 Feb 2023 15:29:10 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19538
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json

8.247.219.122

200 OK

1.7 kB

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (4009), with no line terminators
Size
1.7 kB (1705 bytes)
Hash
ca553a3711aa89971243bc65a63c5ae7
a4614c36733b6e580e886ae5bb48728ff299a36c
6b5520c194fdaf03974d501fcf2eaf5c5fc5020e02b6837293c0e951eafad1fe

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 1705
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"303bd6f7b67bf59763ab36cef4ce921a"
expires: Sun, 05 Feb 2023 15:56:03 GMT
last-modified: Sat, 04 Feb 2023 15:28:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2

radar.cedexis.com/1593429750/radar.js

45.54.49.5

200 OK

19 kB

URL HTTP/1.1
radar.cedexis.com/1593429750/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
ASCII text, with very long lines (1782)
Size
19 kB (18746 bytes)
Hash
2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595

HTTP Headers

GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 20:55:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:35 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0db-af5c"
Expires: Sat, 18 Feb 2023 20:55:01 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json

8.247.219.122

200 OK

637 B

URL HTTP/2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with very long lines (1389), with no line terminators
Size
637 B (637 bytes)
Hash
b5a96f6257c379c646237c401f9f6618
1e3548f90be2474f7343adbbd560a6f3ccbbe429
85ed51e9d77c26ab3f7d143372841d290570bf4dd9b191e69f6c7d509f618b8c

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 637
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4053c251f9208ea407b3e844791d8217"
expires: Sun, 05 Feb 2023 15:39:41 GMT
last-modified: Sat, 04 Feb 2023 15:28:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 19:45:20 GMT
expires: Sat, 04 Feb 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 4181
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json

8.247.219.122

200 OK

822 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
822 B (822 bytes)
Hash
02a58a65172a9624eeb90fc9bb386309
866c7477a35ee84b2d845addadfb9cd5f80519df
2f4f501c52a9d28e096e28785133f66dc61943b2c3349a5686fa3f8990af8886

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 822
cache-control: public, max-age=120, s-maxage=600
etag: "02a58a65172a9624eeb90fc9bb386309"
expires: Sun, 05 Feb 2023 03:41:47 GMT
last-modified: Fri, 16 Dec 2022 11:46:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61995
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json

8.247.219.122

200 OK

436 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
436 B (436 bytes)
Hash
6d3e6624c6649571ba2e987a8da4a156
7b5c29abc4f6a73d0be932f47426d352f5808286
10bcc57188ea877bc089bdfd16377f668f9619f5e51c611bdbbda1cae7749fdd

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 436
cache-control: public, max-age=120, s-maxage=600
etag: "6d3e6624c6649571ba2e987a8da4a156"
expires: Sun, 05 Feb 2023 03:37:05 GMT
last-modified: Wed, 09 Nov 2022 17:20:55 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62278
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json

8.247.219.122

200 OK

483 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
483 B (483 bytes)
Hash
4f175bce4122c1ebb4c3629df4b6775b
5a8a92f3c9782cd67a8437bbe17e2be32e5e82c2
3b575911138ca2ff40a5b128d692ab47b8a26643d27b64714d8b9587d4362a35

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 483
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"313a499f6965254920de0a225bc00094"
expires: Sun, 05 Feb 2023 09:14:22 GMT
last-modified: Wed, 25 Jan 2023 09:12:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 42067
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json

8.247.219.122

200 OK

448 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
448 B (448 bytes)
Hash
90de3384c9b579eec621ea487b349131
0df16fdafc50a5809518a6d1a0dc686db8058adc
2419e2a6bd3add5acd8133e21bf565bafba9d4e44044f13049dcfba5d963cf64

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 448
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"8c0865180240e1cd2b85bbf22787a0e2"
expires: Sun, 05 Feb 2023 15:12:22 GMT
last-modified: Tue, 17 Jan 2023 15:03:51 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 20567
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json

8.247.219.122

200 OK

554 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
554 B (554 bytes)
Hash
56467e05bb35c2682bdd76175b70483c
f2cfc47acc585dd9324f4b5bd1e4b34effe8284e
94037525bec750ea8bd5e2085b31b4f5ab30753ffe39f865c7790a4f726d6e68

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 554
cache-control: public, max-age=86400
etag: "56467e05bb35c2682bdd76175b70483c"
expires: Sun, 05 Feb 2023 18:17:47 GMT
last-modified: Tue, 27 Dec 2022 15:19:30 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 9437
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json

8.247.219.122

200 OK

946 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
946 B (946 bytes)
Hash
4a89e10253274b05c673a5206e745f9b
8328f1f15552ecc184cf78b9f3e400905bb90de8
c8a2fc2e700b9fb5270eb8bd5d5247b513b15da06676afcbd9eb207ab27feb4d

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 946
cache-control: public, max-age=120, s-maxage=600
etag: "4a89e10253274b05c673a5206e745f9b"
expires: Sun, 05 Feb 2023 03:35:06 GMT
last-modified: Fri, 25 Nov 2022 15:41:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62404
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json

8.247.219.122

200 OK

698 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
698 B (698 bytes)
Hash
48a4ebb89730b25349ec152a0f637144
91d33953b00fa04e71b724ed52245f23d373ce43
429df5feb6040614f975a362627a0088c84ef62b2f89bb3fb6e98fd82f3fcc41

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 698
cache-control: public, max-age=120, s-maxage=600
etag: "48a4ebb89730b25349ec152a0f637144"
expires: Sun, 05 Feb 2023 03:46:34 GMT
last-modified: Wed, 19 Oct 2022 15:58:45 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61709
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/media-api/external/v1/actual-list/285

178.253.15.12

200 OK

4.4 kB

URL HTTP/2
1xlite-277345.top/media-api/external/v1/actual-list/285
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (12722)
Size
4.4 kB (4396 bytes)
Hash
2bad092468d017059d2d84763c5faadb
d447ec94f7cd26cd79b86861c9e5d7e99ada1061
7a2cb82b95dab4652fc76eea4b5d221459e1abf65b0f6a53ef90e930e170ab08

HTTP Headers

GET /media-api/external/v1/actual-list/285 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920; che_g=d11b141b-8844-64a4-0644-67c912ee4c37
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: https://gitlab.xbet.lan,https://doc.office.lan
content-encoding: gzip
server-timing: dt_285;dur=3
vary: Accept-Encoding
x-request-id: 485fc340769c9d843b0e3fb13bcb9798
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json

8.247.219.122

200 OK

731 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
731 B (731 bytes)
Hash
b48f50de824b4190dd1d21bb15d3f535
047334043ea2fe2b9767e96171837c1604d5d2b3
13a47d7e5a0fe0234a94e712a11903d64803db513029d406bf2d33aa17f5c6cb

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 731
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"56a5191b630a20b1a28c83a0f23b7f6e"
expires: Sun, 05 Feb 2023 03:44:09 GMT
last-modified: Thu, 24 Nov 2022 08:55:06 GMT
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61866
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json

8.247.219.122

200 OK

210 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
210 B (210 bytes)
Hash
f527e15d907f211b5113dbc56955faf1
25ddcfdc7fd0ce5ef631f86470c3a2e77a7aad8c
a1011fcf581117e91073315deb6afa6885be6809787d62f652de3796f129d983

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 210
cache-control: public, max-age=120, s-maxage=600
etag: "f527e15d907f211b5113dbc56955faf1"
expires: Sun, 05 Feb 2023 03:39:23 GMT
last-modified: Thu, 24 Nov 2022 09:43:23 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62139
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json

8.247.219.122

200 OK

111 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
111 B (111 bytes)
Hash
faffb5bfe33fdb8649243907d7a94bdf
162710a0dc33e410dcd71ae0d0d668fb5435a12e
0f02c603df2967927c6486280e6fa82b407d37292b42cd2093e63c7736b0f324

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 111
cache-control: public, max-age=120, s-maxage=600
etag: "faffb5bfe33fdb8649243907d7a94bdf"
expires: Sun, 05 Feb 2023 03:38:54 GMT
last-modified: Thu, 24 Nov 2022 19:45:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62168
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json

8.247.219.122

200 OK

256 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
256 B (256 bytes)
Hash
39fca623bcf1adfcddf94df7c4a64e56
7ae9112e0a0862e75880d16dd5dc5c08adf374cf
6c44cc918b0c5b8d1d75c6f1cf3c5e5a7818afd703d139ddb6701bb2c9488cf7

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 256
cache-control: public, max-age=120, s-maxage=600
etag: "39fca623bcf1adfcddf94df7c4a64e56"
expires: Sun, 05 Feb 2023 03:50:22 GMT
last-modified: Fri, 25 Nov 2022 13:34:46 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61481
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json

8.247.219.122

200 OK

228 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
228 B (228 bytes)
Hash
5cac928a2f45d0805307a9c8f0aa78c4
ce1cfd7863d2f2ae2d9f5118c19a5b54c28391db
5b8285b661cd6d67311bba7e6e4bc4443540743ac6b0fa07e82a5a351a521a8c

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 228
cache-control: public, max-age=120, s-maxage=600
etag: "5cac928a2f45d0805307a9c8f0aa78c4"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 10:02:19 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json

8.247.219.122

200 OK

300 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
300 B (300 bytes)
Hash
48be76dca522651778b61fef1fd36f9b
197dc7f2871fcd308bad3bce323a80e86979f312
cc3b083e4f73b70afccad87ccf2272d175c9e83571bb59eac40d41ed48c54117

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 300
cache-control: public, max-age=120, s-maxage=600
etag: "48be76dca522651778b61fef1fd36f9b"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 10:46:49 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json

8.247.219.122

200 OK

946 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
946 B (946 bytes)
Hash
f41e20627f5e291f984b8554394c55e8
5b9d5e1b273b07f30ee54dfff81e60e90c433adc
20adb747045add70a6f3bcfa2aed39e89b248489cb297829f5e63d695cbfc032

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 946
cache-control: public, max-age=120, s-maxage=600
etag: "f41e20627f5e291f984b8554394c55e8"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 17:34:27 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json

8.247.219.122

200 OK

492 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
492 B (492 bytes)
Hash
248ebfceaa7a36bfde55f8b07497f6a5
1d40f8938b10f6e73858ef4d9722e3c7961b74fa
0c3933781c8928cca0da1a5138222b9a80ffc87e3158b6b5f836685dd6004895

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 492
cache-control: public, max-age=120, s-maxage=600
etag: "248ebfceaa7a36bfde55f8b07497f6a5"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 17:30:55 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62439
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json

8.247.219.122

200 OK

225 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
225 B (225 bytes)
Hash
6a2755cb70b088e6141be598de61c5a6
f7f991fbf9eefc45b0a72c3a43828dc00a6910bc
9610dc037558698fe911191eef8997ee9252feba71a66f9d96a01ed558c8ba1f

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 225
cache-control: public, max-age=120, s-maxage=600
etag: "6a2755cb70b088e6141be598de61c5a6"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Sat, 03 Dec 2022 11:12:15 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json

8.247.219.122

200 OK

1.7 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
1.7 kB (1673 bytes)
Hash
88d0490a9e8d198492747831ea278c54
46d195fb8837bedc664aa073a45c7b8c8a69bf07
68ba73152ae627378e8216d4bbb8131de929d2704def7b0fcae55039e1698c94

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 1673
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"609aaa012670abbca24fd34d09c7b865"
expires: Sun, 05 Feb 2023 03:40:04 GMT
last-modified: Tue, 06 Dec 2022 14:12:36 GMT
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json

8.247.219.122

200 OK

516 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
516 B (516 bytes)
Hash
44c2f1b2b4eb264032b24fa39874154f
099c97fa7fb406570e3125f5496544a3a9e0c894
e75dd03216f6cd1eb246a349a5f143ee8bb6666dd4348fe17e6d6b69a96c9aef

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 516
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"e00aa40f39b62d158796afcc79d1fdbb"
expires: Sun, 05 Feb 2023 08:41:46 GMT
last-modified: Wed, 28 Dec 2022 08:33:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44024
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json

8.247.219.122

200 OK

99 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
99 B (99 bytes)
Hash
706f327eb7affdd0d7a76d6aafe7a10a
8855dcb66d82ff5ad628dba4fb731682cae0256c
afaa1867678dbdf762fe021180a5f286898e7bb4af3c38c023fe312abc038df8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 99
cache-control: public, max-age=86400, s-maxage=600
etag: "706f327eb7affdd0d7a76d6aafe7a10a"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 21 Dec 2022 14:36:35 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json

8.247.219.122

200 OK

478 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
478 B (478 bytes)
Hash
64ba3d1ec6aab98fd16071ae3633c67e
21a80c7002a74a180fac055443da2d11fc56016d
53d4b6974cbb9704556f6b6ca28c0d4429b0b75abd15d60aa6427038aaaad040

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 478
cache-control: public, max-age=86400
etag: "64ba3d1ec6aab98fd16071ae3633c67e"
expires: Sun, 05 Feb 2023 11:11:32 GMT
last-modified: Wed, 28 Dec 2022 10:59:54 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 35011
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json

8.247.219.122

200 OK

108 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
108 B (108 bytes)
Hash
c6fcb39c93e99663b88f79bfe8769a0a
441ee30615b3766354187ffad0db8bb8096c7e10
2c0d5e509b523eab5d7969b3671fca5e87bf5d97711a705c4f6af3955266bea4

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 108
cache-control: public, max-age=86400
etag: "c6fcb39c93e99663b88f79bfe8769a0a"
expires: Sun, 05 Feb 2023 13:34:37 GMT
last-modified: Wed, 28 Dec 2022 13:18:17 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 26476
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json

8.247.219.122

200 OK

358 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
358 B (358 bytes)
Hash
fd4225daa92034cbe5e5256cc6e4d85c
50573e6f66991bc6c958dcb03538647cb6707784
81e1d39ee911b54190b55f7bd481413e720f510f146637afeab26135ac570790

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 358
cache-control: public, max-age=86400
etag: "fd4225daa92034cbe5e5256cc6e4d85c"
expires: Sun, 05 Feb 2023 11:15:39 GMT
last-modified: Mon, 26 Dec 2022 11:01:50 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 34792
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json

8.247.219.122

200 OK

99 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
99 B (99 bytes)
Hash
731f6291c733690f0b139344337bd977
7fbf1d1c95ef6508fa1709833f404da8a3897da4
f6bbb49a8a9c9eec2c54f7e408916c74759e8f06c8b9feb99516c723c9928932

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 99
cache-control: public, max-age=86400
etag: "731f6291c733690f0b139344337bd977"
expires: Sun, 05 Feb 2023 10:59:33 GMT
last-modified: Fri, 23 Dec 2022 10:47:37 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 35731
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json

8.247.219.122

200 OK

440 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
440 B (440 bytes)
Hash
5d188375d8dce00cbdc0fd574d8e0bae
5fd7ecea863c61a9efc148ca5385f7e52d6b3d66
4357dc067ba824d9050578640f19cc65fc448031413178b43f57f56971781de8

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 440
cache-control: public, max-age=120, s-maxage=600
etag: "5d188375d8dce00cbdc0fd574d8e0bae"
expires: Sun, 05 Feb 2023 03:41:47 GMT
last-modified: Thu, 01 Dec 2022 11:01:29 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61995
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json

8.247.219.122

200 OK

464 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
464 B (464 bytes)
Hash
dd29ab21d3e7cf4781fc0d05d2e40a0c
8d5107696ce4192ae8f473efa3b636ec1a72754e
74b39d8807a0f72cddc8081351d22ad891eda552ee8dfa6bd09a655bddb683ca

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 464
cache-control: public, max-age=86400
etag: "dd29ab21d3e7cf4781fc0d05d2e40a0c"
expires: Sun, 05 Feb 2023 18:41:55 GMT
last-modified: Thu, 29 Dec 2022 18:29:12 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 7987
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json

8.247.219.122

200 OK

2 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 2
cache-control: public, max-age=120, s-maxage=600
etag: "d751713988987e9331980363e24189ce"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Fri, 16 Dec 2022 18:00:50 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json

8.247.219.122

200 OK

110 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JSON data\012- , ASCII text
Size
110 B (110 bytes)
Hash
1175ec94034c5e4c4edf702837643294
351c353aaef0b02c35e4ad829b622affdc44acc4
27adb9c530ca56b61926b0a6be2032c201de21d5eb4deef3736351cc57151c04

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 110
cache-control: public, max-age=86400
etag: "1175ec94034c5e4c4edf702837643294"
expires: Sun, 05 Feb 2023 17:26:17 GMT
last-modified: Thu, 29 Dec 2022 17:18:40 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 12525
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.247.219.122

200 OK

698 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
698 B (698 bytes)
Hash
baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sun, 05 Feb 2023 03:09:48 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 63918
accept-ranges: bytes
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-277345.top
date: Sat, 04 Feb 2023 20:55:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 306183
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.35

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 373556
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

142.250.74.35

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:24:15 GMT
expires: Thu, 01 Feb 2024 12:24:15 GMT
cache-control: public, max-age=31536000
age: 289847
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-277345.top/_nuxt/Desktop/Default/svg-sprites/common-2000139.svg

178.253.15.12

200 OK

44 kB

URL HTTP/2
1xlite-277345.top/_nuxt/Desktop/Default/svg-sprites/common-2000139.svg
IP
178.253.15.12:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
44 kB (44055 bytes)
Hash
7e83acc280b6699b5dd0b353a5d44712
80ed52aeafd6dceea8b097a33e5534e4eecb6b7b
3f35574d9a746ac4743f3b52d0f467f67881e46862a1b702975e8d05c66b1017

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/common-2000139.svg HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
etag: W/"63dd2f1a-1b712"
expires: Sun, 05 Feb 2023 20:41:35 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js

8.247.219.122

200 OK

18 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (43176), with NEL line terminators
Size
18 kB (17545 bytes)
Hash
894b8143139c9e94297417c9c1b7d10a
585fcc45d9ec7ecff96737ee52b0838846742a2f
852861604ba52b4b53805aed63936e1224d7ee71493054f32130c2225bcd40e8

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 17545
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-4489"
expires: Sun, 05 Feb 2023 07:48:55 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47173
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/398badd9.css

8.247.219.122

200 OK

1.2 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/398badd9.css
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (5498), with no line terminators
Size
1.2 kB (1238 bytes)
Hash
e21992f58d329c265b326d0ba8d59440
6210d114e7169c92cabb3589b6abba9e83078c33
91b5ccc3fc5186c54091da99b0fcadc43b92179c198b7a0b58dabc9a3880fd88

HTTP Headers

GET /_nuxt/desktop/default/css/398badd9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: text/css
content-length: 1238
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-4d6"
expires: Sun, 05 Feb 2023 12:28:35 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30401
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st

178.253.15.12

200 OK

4.7 kB

URL HTTP/2
1xlite-277345.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- data
Size
4.7 kB (4687 bytes)
Hash
36ddb4e6a2b02764ee27083394482738
a3ba434ba32b465a44a6927e740db71445d5e6ce
358844d3d25883163783019ad767b0f8c7cd2b44523b2f2f7486ee453edfc283

HTTP Headers

GET /web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=156, dt_285;dur=159
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js

8.247.219.122

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Size
1.1 kB (1079 bytes)
Hash
58030eabeba7ffaee3f3e3e07e0673e1
93572e0749eb8ff680d62d8dbaf0774bf3bc0963
dc004167b880991d21235113ca8e8d84f10a72b795dd543778d9e15044509bdb

HTTP Headers

GET /_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 1079
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-437"
expires: Sun, 05 Feb 2023 07:48:46 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47180
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/domain-api/api/v1/domains/1xlite-277345.top

178.253.15.12

200 OK

84 B

URL HTTP/2
1xlite-277345.top/domain-api/api/v1/domains/1xlite-277345.top
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
84 B (84 bytes)
Hash
d04a6797f03d7f5bd2988b15ab7ebb24
18bd0fe1fe44e78db59d4f853969762a61065704
53b2acde0c844bb480636038b55685ab9848987ec6bf719a0eacb5eff43a6849

HTTP Headers

GET /domain-api/api/v1/domains/1xlite-277345.top HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en

178.253.15.12

200 OK

50 B

URL HTTP/2
1xlite-277345.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57

HTTP Headers

GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=41.679576999999995; desc="req_t", renderTime; dur=41.687483; desc="rend_t", total; dur=43.18261; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en

178.253.15.12

200 OK

354 B

URL HTTP/2
1xlite-277345.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en
IP
178.253.15.12:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (354), with no line terminators
Size
354 B (354 bytes)
Hash
9ea782b2310e47d7c5ec74a238dcfe6b
a848ad8c2a0283795b21ecba1a427563e3151c79
8149dbe96db355358adb2f062dfa6481347d1c11ad4b7f87256cd080c2b77ee0

HTTP Headers

GET /web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=142, dt_285;dur=144
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/internal/v1/proof_of_age

178.253.15.12

204 No Content

0 B

URL HTTP/2
1xlite-277345.top/web-api/api/internal/v1/proof_of_age
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981

64.233.161.154

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981
IP
64.233.161.154:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://1xlite-277345.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 20:55:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-277345.top/web-api/api/v3/bonuses/1st

178.253.15.12

200 OK

235 kB

URL HTTP/2
1xlite-277345.top/web-api/api/v3/bonuses/1st
IP
178.253.15.12:0
ASN
#0

File type
data
Size
235 kB (235315 bytes)
Hash
45d23e8dcebe78a7ca7846a93fcbc006
e36ed74d1e48d2de789d939d650e05d5f7f81e02
5ee55f3823a422ae0083b60067804e6c19817d43849afae6eb8da64432817d4e

HTTP Headers

POST /web-api/api/v3/bonuses/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=390, dt_285;dur=393
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg

8.247.219.122

200 OK

41 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Size
41 kB (41188 bytes)
Hash
f35054e3f051511591cb7f782e78ac0f
33a2d9ff3ef9991875677550fba73da300d5eece
61eaa425416e23c9f9003fb68c34fd7f13fe15b5eb598d79913e0f93211569eb

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 41188
cache-control: public, max-age=86400
etag: "f35054e3f051511591cb7f782e78ac0f"
expires: Sun, 05 Feb 2023 14:48:58 GMT
last-modified: Wed, 18 Jan 2023 09:41:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 21965
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg

8.247.219.122

200 OK

14 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Size
14 kB (14463 bytes)
Hash
b3b6e35e885c20452f70cbeb54027467
59fed2e87969e31fa45122379c8a97f33001bf36
0fa251b40dfc4acb0e7c3359bc38293df7898863185a74e90ee1761d04b3c08f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 14463
cache-control: public, max-age=120, s-maxage=600
etag: "b3b6e35e885c20452f70cbeb54027467"
expires: Sun, 05 Feb 2023 01:36:25 GMT
last-modified: Fri, 06 Nov 2020 12:52:02 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg

8.247.219.122

200 OK

46 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Size
46 kB (45630 bytes)
Hash
bcd6f81e0f43cbcff60824bb657a8a78
f46f12f28645287c84ea4ada1b287461c54df69e
1575c46481e4e1eb7ad439a451ef4af705a1084196766db5aca4d47790fff484

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 45630
cache-control: public, max-age=120, s-maxage=600
etag: "bcd6f81e0f43cbcff60824bb657a8a78"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Mon, 13 Jun 2022 06:48:14 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg

8.247.219.122

200 OK

44 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Size
44 kB (43559 bytes)
Hash
c37fcadea18df30563df3801edbc452e
79ad3ca2442918aa4c8c7647e4cda21081eaaef3
f5cd0b9aff7d896d296fbca52989ef5e15c3ec075d94a08fc5cda37367325858

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 43559
cache-control: public, max-age=120, s-maxage=600
etag: "c37fcadea18df30563df3801edbc452e"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Mon, 13 Jun 2022 06:50:19 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg

8.247.219.122

200 OK

58 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 450x330, components 3\012- data
Size
58 kB (57690 bytes)
Hash
eb575afed87a72f88c8af25e783f20f9
cbc904da7aed59d29c4dcfb07b2a2a85d15f8424
1bc241d87bee9edfd7876891a17fd198be783632fe35d81a09c5718c75dc7851

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 57690
cache-control: public, max-age=86400
etag: "eb575afed87a72f88c8af25e783f20f9"
expires: Sun, 05 Feb 2023 07:14:23 GMT
last-modified: Thu, 05 Jan 2023 12:10:32 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49240
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg

8.247.219.122

200 OK

88 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x330, components 3\012- data
Size
88 kB (87535 bytes)
Hash
940def1de6f4f405864c47d769d970ed
db31187356f5619859e4238966497e870c4a0322
cc9d112403265c3f53b8ddc83d269227c503ce920cb50ae7291bae14571f9d86

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 87535
cache-control: public, max-age=86400, s-maxage=600
etag: "940def1de6f4f405864c47d769d970ed"
expires: Sat, 04 Feb 2023 10:09:50 GMT
last-modified: Tue, 13 Dec 2022 16:50:13 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49244
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg

8.247.219.122

200 OK

106 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x330, components 3\012- data
Size
106 kB (106517 bytes)
Hash
a52836e8cfc0c292408146194c28f19d
cc4b0f158ba4bf61952d59593f6e3689cc8b817a
8b7e24c6ab5b60d7fb58a16afe805791381b4ebcd513620049be2979282e75af

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 106517
cache-control: public, max-age=86400, s-maxage=600
etag: "a52836e8cfc0c292408146194c28f19d"
expires: Sun, 05 Feb 2023 13:59:29 GMT
last-modified: Tue, 13 Dec 2022 10:18:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 25897
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg

8.247.219.122

200 OK

72 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Size
72 kB (72465 bytes)
Hash
d0d9e7e510c66cff387f7f89f28b3702
d1cff04ce74fd8392a8667c554663a6dd5993265
998511ec7dc5864f1bb17ba362a65e615924ad5d6bf28ed819ac91a6fed42250

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 72465
cache-control: public, max-age=120, s-maxage=600
etag: "d0d9e7e510c66cff387f7f89f28b3702"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Wed, 28 Sep 2022 12:14:39 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6052
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg

8.247.219.122

200 OK

19 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 315x250, components 3\012- data
Size
19 kB (18865 bytes)
Hash
befe3c1141d3ee2cda0afb63465226e1
989afc9404bfe2a0a283900df34981e96c609aad
58aa116a19dd40096d63926763ca0ed06d2de9c34d8bdd79fe05b102a7d044f2

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 18865
cache-control: public, max-age=120, s-maxage=600
etag: "befe3c1141d3ee2cda0afb63465226e1"
expires: Sun, 05 Feb 2023 09:41:19 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg

8.247.219.122

200 OK

56 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, baseline, precision 8, 315x250, components 3\012- data
Size
56 kB (55623 bytes)
Hash
ca1c743728dbf7fa04daf902690f42ef
4d8b6e7fe9c4a1014c104c618b235a755efb5405
503b9de544f35df7cfb5150de6a97997203a84be22c58f9c665c6a3f26878a15

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 55623
cache-control: public, max-age=120, s-maxage=600
etag: "ca1c743728dbf7fa04daf902690f42ef"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 22 Jul 2022 08:36:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2275
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg

8.247.219.122

200 OK

51 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 450x330, components 3\012- data
Size
51 kB (51055 bytes)
Hash
a33dde3ef64955f4616fc300976847f4
be80b7122f65a3a02691eb685224e4fd953eec20
7abefbf48878bafd25689e57e32e99f0a79d20dffd8456b6711d6c5c2c3ee636

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 51055
cache-control: public, max-age=86400, s-maxage=600
etag: "a33dde3ef64955f4616fc300976847f4"
expires: Sun, 05 Feb 2023 18:12:23 GMT
last-modified: Sun, 27 Nov 2022 20:35:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 13191
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg

8.247.219.122

200 OK

16 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 315x250, components 3\012- data
Size
16 kB (16543 bytes)
Hash
24024233130161188e3570ecac8a8700
5519e647f0e39205096e53ecac5ff2b05f6bc8b8
9ba195730fb953243dd2f1dd4d1896cacd95ec63e5c22c69a478cd2ac20ca19f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 16543
cache-control: public, max-age=86400, s-maxage=600
etag: "24024233130161188e3570ecac8a8700"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Fri, 06 Nov 2020 12:52:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/internal/v1/sessions/user

178.253.15.12

200 OK

100 kB

URL HTTP/2
1xlite-277345.top/web-api/api/internal/v1/sessions/user
IP
178.253.15.12:0
ASN
#0

File type
data
Size
100 kB (99875 bytes)
Hash
f3214739ca5498e36db25fe2295cccd9
2bd46ab790adb9eb44bceca8a81a03a745161cac
95e8e4d90e26e9a61f4525f347da16d47fe3f55bcffc06548a05bb07b6940270

HTTP Headers

GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=29, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg

8.247.219.122

200 OK

38 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3\012- data
Size
38 kB (37779 bytes)
Hash
ef1314aefdb0fb58143bb8174f670f50
cb6915bed58a3c1d1e841fb63bf3efd460db293e
7b0b3eb569e49668bb845b5549cedc5621d7e0ec2990ae96bd7b3f15ec9d9a44

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 37779
cache-control: public, max-age=120, s-maxage=600
etag: "ef1314aefdb0fb58143bb8174f670f50"
expires: Sun, 05 Feb 2023 01:10:20 GMT
last-modified: Fri, 06 Nov 2020 12:51:59 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg

8.247.219.122

200 OK

33 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3\012- data
Size
33 kB (32713 bytes)
Hash
c1abca65835fa32fb830248a2776cdae
74d6a50d876dcbde563c09d34210e0ff050bc23a
0a4420b71802b9e42962f42924d521639ff3b43a6af41decddc4cb1cd4d78a02

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 32713
cache-control: public, max-age=86400, s-maxage=600
etag: "c1abca65835fa32fb830248a2776cdae"
expires: Sun, 05 Feb 2023 05:44:58 GMT
last-modified: Fri, 06 Nov 2020 12:52:04 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 54605
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg

8.247.219.122

200 OK

42 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, baseline, precision 8, 315x250, components 3\012- data
Size
42 kB (41643 bytes)
Hash
8dbc7072a250f72b8effb9a46a43ebc6
97c73496927d4cf2678134711d122a59f5eb8282
626339465c07b3bdf2bdd2a751adc8e0312500fa0ee0399359d5799bc7ac977a

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 41643
cache-control: public, max-age=86400
etag: "8dbc7072a250f72b8effb9a46a43ebc6"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Mon, 21 Mar 2022 07:35:47 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6048
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg

8.247.219.122

200 OK

21 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Size
21 kB (21128 bytes)
Hash
63d08b16fcfcca6c37e3b7006288ce24
8442c1e4ebd7c10f82f9d775c7662729b4d0708d
b63b0a7f32ac02189bf3de07e31c61e8487caa765307f7c7f0ca066478a38862

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 21128
cache-control: public, max-age=86400, s-maxage=600
etag: "63d08b16fcfcca6c37e3b7006288ce24"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.jpg

8.247.219.122

200 OK

108 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
PNG image data, 315 x 250, 8-bit/color RGB, non-interlaced\012- data
Size
108 kB (108359 bytes)
Hash
e7b1615b0a8eed982a8050812f0998fe
815bf7953496d41dffb26bb21c06070640f68b0d
dada969a93aaed11ad6e039f97aa995601905b7b1ab9700329b86d571344fefd

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 108359
cache-control: public, max-age=86400, s-maxage=600
etag: "e7b1615b0a8eed982a8050812f0998fe"
expires: Sun, 05 Feb 2023 11:33:22 GMT
last-modified: Mon, 21 Nov 2022 09:04:09 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 34760
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg

8.247.219.122

200 OK

21 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Size
21 kB (20639 bytes)
Hash
ea2a704ec8a7d6a829dd82a13ba87b39
3259161ac5d9e13b545ad236714ffadc6d9b49b1
ea996848def281287065e2dedcf41a2e243e81254ac281dae95b7197e90783d1

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 20639
cache-control: public, max-age=120, s-maxage=600
etag: "ea2a704ec8a7d6a829dd82a13ba87b39"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg

8.247.219.122

200 OK

14 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Size
14 kB (14038 bytes)
Hash
477586f04c56b78e22c45bfe2eabd60c
73578a6ff35439780cf4850250db8b73a0b782c9
ecdb942eec544352ec0d5dab63d2c9327e5301a25861b9f41eee95f84d0f2b90

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 14038
cache-control: public, max-age=120, s-maxage=600
etag: "477586f04c56b78e22c45bfe2eabd60c"
expires: Sat, 04 Feb 2023 22:27:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg

8.247.219.122

200 OK

33 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], progressive, precision 8, 315x250, components 3\012- data
Size
33 kB (33441 bytes)
Hash
88d9dcf14c9ec05183d4c2d1e61dfca3
132181b19d8d5292acf8ba11ac123166f24b1486
c544b5aba5eff2e720e1f06aff663f23ca92d7ec9ba2253a9357273d6b07de9c

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 33441
cache-control: public, max-age=120, s-maxage=600
etag: "88d9dcf14c9ec05183d4c2d1e61dfca3"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:07 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6051
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg

8.247.219.122

200 OK

46 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Size
46 kB (45906 bytes)
Hash
8e5b63486b00b68073e1c72f617c681a
f3f00f8d297bb75ea7f267e92fef20d164e51fc1
7bde09aa185ce9dda524613aabf30b3cb90f0d3e6f3b5b52bb50e78f2ab43ede

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 45906
cache-control: public, max-age=120, s-maxage=600
etag: "8e5b63486b00b68073e1c72f617c681a"
expires: Sun, 05 Feb 2023 01:10:20 GMT
last-modified: Thu, 22 Apr 2021 14:23:33 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg

8.247.219.122

200 OK

54 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Size
54 kB (53490 bytes)
Hash
088127ead5ce788c82857fbdf994113b
2d45a9b1c9e2a114efcd9f6417b3e15cc898e06d
e68e0c196939c1fbf72a06f359d88abdbd5ccf597d8578043acac54e7fe8065a

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 53490
cache-control: public, max-age=120, s-maxage=600
etag: "088127ead5ce788c82857fbdf994113b"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6048
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg

8.247.219.122

200 OK

14 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Size
14 kB (13852 bytes)
Hash
abf2f939cf8a052578e2c871ec56b80d
3b5a4280fb67e9cfcd00577b553cc1f060d54d33
b3e9a20be4bb35ded9f748f1ed0b933fc2a586a837809635f0371f9dbe5bbe0f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 13852
cache-control: public, max-age=120, s-maxage=600
etag: "abf2f939cf8a052578e2c871ec56b80d"
expires: Sun, 05 Feb 2023 07:14:23 GMT
last-modified: Fri, 06 Nov 2020 12:52:07 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49240
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg

8.247.219.122

200 OK

22 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Size
22 kB (21622 bytes)
Hash
0174c681bd35c45c7b4ff5eea28d8966
c793c1ddff57f96d5d1bad2580cecc8000463175
496c143ddf94f5dc2fe61e00ee6deabdb65daac291ee2e924a16727861331e75

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 21622
cache-control: public, max-age=120, s-maxage=600
etag: "0174c681bd35c45c7b4ff5eea28d8966"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:52:04 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg

8.247.219.122

200 OK

62 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3\012- data
Size
62 kB (61571 bytes)
Hash
5aaddf2c56dd3132a3eb40fd514309c6
74dc6650e0bc516bbefbe1da71fb5e0243e69191
5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 61571
cache-control: public, max-age=86400
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
expires: Sat, 04 Feb 2023 14:50:58 GMT
last-modified: Tue, 11 Oct 2022 11:39:10 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg

8.247.219.122

200 OK

23 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Size
23 kB (22927 bytes)
Hash
d389504085d6a0adf21e9da34a039152
29c5ca6ff17b51674817f1380995a43f50404d93
e84e040ad8dc1b4f495332e0c676820afe5f12783f735600cf9652f6f335ddc2

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/race.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 22927
cache-control: public, max-age=120, s-maxage=600
etag: "d389504085d6a0adf21e9da34a039152"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg

8.247.219.122

200 OK

24 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Size
24 kB (23561 bytes)
Hash
e7b54e87165cfc51f85befa2faf2c829
e7c152a65907a954ea21eeed7f94081515065c99
8ecf114ce5b12e0ccf7c14c3298f55fade216edffc2860b16b740debb386ff8f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 23561
cache-control: public, max-age=120, s-maxage=600
etag: "e7b54e87165cfc51f85befa2faf2c829"
expires: Sun, 05 Feb 2023 19:27:37 GMT
last-modified: Fri, 06 Nov 2020 12:51:59 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 5526
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg

8.247.219.122

200 OK

20 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 375x250, components 3\012- data
Size
20 kB (20079 bytes)
Hash
d709371d6c6176589b49887db4554821
38b7d89016194d1ea23af1f3557b3e267f7cbaff
2123869212d427b5b99aff27f6d15d86816458a36bf4ab69f92f3ab8611a9f1d

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 20079
cache-control: public, max-age=120, s-maxage=600
etag: "d709371d6c6176589b49887db4554821"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6043
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg

8.247.219.122

200 OK

25 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 372x250, components 3\012- data
Size
25 kB (25383 bytes)
Hash
514d57da3a89384a44d5d49015190802
9fb78de88c22d34a04352efc4ff66b1bd82ade5f
7c0fce982143d3a68f61f4731fb4d7a851da66541812c3cf3648c1fe68e8e034

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 25383
cache-control: public, max-age=86400, s-maxage=600
etag: "514d57da3a89384a44d5d49015190802"
expires: Sun, 05 Feb 2023 20:33:59 GMT
last-modified: Fri, 06 Nov 2020 12:52:03 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2269
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg

8.247.219.122

200 OK

25 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Size
25 kB (25011 bytes)
Hash
7812b658d4412329fa085af889d60d7d
c0dea8b214f312c0bbc5bc36682888d9eb68542d
277485c051f686dea763df29f202a40f749970a24fca9330af577bc51c852ee1

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 25011
cache-control: public, max-age=86400, s-maxage=600
etag: "7812b658d4412329fa085af889d60d7d"
expires: Sun, 05 Feb 2023 20:10:01 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2702
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp

8.247.219.122

200 OK

18 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18056 bytes)
Hash
a4b243f76ff572881d54d6d590fb7cdf
dd97d6d98143012e8adecef2a7fad511f7b6c453
ea844aab8b34dab774ad139535dbdd01f9c3886736e241d34bc2088409ab1f10

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 18056
cache-control: public, max-age=120, s-maxage=600
etag: "a4b243f76ff572881d54d6d590fb7cdf"
expires: Sun, 05 Feb 2023 06:47:36 GMT
last-modified: Mon, 21 Nov 2022 08:28:42 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 50896
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp

8.247.219.122

200 OK

26 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image\012- data
Size
26 kB (25534 bytes)
Hash
1ae08e62e5d5b200f52c3d47215b5aab
b2cb0298a8a2688321451ace30bb61f7bf2462a1
50238bf838f1875b1bb577c3d63731473dd5a7538a2c3fd6396b1d3c451defa1

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 25534
cache-control: public, max-age=86400
etag: "1ae08e62e5d5b200f52c3d47215b5aab"
expires: Sun, 05 Feb 2023 10:26:19 GMT
last-modified: Wed, 18 Jan 2023 09:41:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 38293
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp

8.247.219.122

200 OK

9.4 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.4 kB (9430 bytes)
Hash
b27dc79f7bf8870d48b33c841317f571
517e21d93197119ce213880225098089b4925e2b
2db9baab69f187b764620458ae44c93c415be29d7881a625e94d4101e364b86f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9430
cache-control: public, max-age=120, s-maxage=600
etag: "b27dc79f7bf8870d48b33c841317f571"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Wed, 28 Sep 2022 12:14:39 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56816
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp

8.247.219.122

200 OK

16 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
16 kB (16102 bytes)
Hash
f4942ea6b7a4ec9118e23f7986f59a6e
16b2fabacb446f9805bb950811447b1f44671f7e
5a0269e97647cb71839cfa8ccd4ae48fa8c4b4a15065770ea6a19d6b28c11b92

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 16102
cache-control: public, max-age=86400, s-maxage=600
etag: "f4942ea6b7a4ec9118e23f7986f59a6e"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 10 Nov 2022 17:04:17 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56816
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp

8.247.219.122

200 OK

12 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (12500 bytes)
Hash
d71a689b6b71166227b22d241422099b
f3988f85a1a59126a3610213683395b3fa72d770
fa3cffd6ba8b0d51ec04c46ba8a2de96a82d9932ad697d87d7525c4b17107514

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 12500
cache-control: public, max-age=120, s-maxage=600
etag: "d71a689b6b71166227b22d241422099b"
expires: Sun, 05 Feb 2023 12:37:05 GMT
last-modified: Thu, 28 Jan 2021 08:28:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 29878
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp

8.247.219.122

200 OK

19 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
19 kB (19086 bytes)
Hash
c085b2722d5f4393ec9f415976e7e0d3
31ea126b3ab5a0b4f7da6a9ab294e25b26e91b94
24ebd2fb88924fcbc69092ae958bb942c885295ab784efedfaa38f0301549601

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 19086
cache-control: public, max-age=120, s-maxage=600
etag: "c085b2722d5f4393ec9f415976e7e0d3"
expires: Sun, 05 Feb 2023 05:22:11 GMT
last-modified: Fri, 22 Jul 2022 08:37:10 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp

8.247.219.122

200 OK

15 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
15 kB (15242 bytes)
Hash
7c6c9a9adf5474f6c4af47317b6c1bee
4e9ba53c2d93f35aefc59360d69c658cc793cf72
bbfb151c074780451a8520972ed8d803c6ef74e9d69ca30802b15d93ff0097d7

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 15242
cache-control: public, max-age=86400, s-maxage=600
etag: "7c6c9a9adf5474f6c4af47317b6c1bee"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Thu, 28 Jan 2021 05:59:57 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp

8.247.219.122

200 OK

8.2 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.2 kB (8196 bytes)
Hash
52cda241850f856a3a45718b7d13db38
00ab3b0c95c4e36fce09061d3adbbffd80ec6974
983a6538f7c4f0c98cf07ac049184d21af1d7f69dd478d64c6320517945f61b6

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8196
cache-control: public, max-age=120, s-maxage=600
etag: "52cda241850f856a3a45718b7d13db38"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 21 Mar 2022 07:47:28 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56815
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp

8.247.219.122

200 OK

9.5 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.5 kB (9528 bytes)
Hash
e74e38a96e2b86b49bce5a4ecdb2e456
8ed3fce32fa8d91d39bd0bb642e3c45516d8a9eb
f7ca5371dc68183854f2893aa3d99bba1e080f3b2d6146a99e7561f9b79dbe87

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9528
cache-control: public, max-age=86400, s-maxage=600
etag: "e74e38a96e2b86b49bce5a4ecdb2e456"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Mon, 13 Jun 2022 06:48:14 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp

8.247.219.122

200 OK

10 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10366 bytes)
Hash
a55f6bc5288f59157c1f4b0d99200c4f
64b37d821bf692cea5cde5734b3230cecd2b1ae0
0f29e044bfb569e9205e03de27030a08d6b32de2da815a72b059dca1cfea8707

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10366
cache-control: public, max-age=86400, s-maxage=600
etag: "a55f6bc5288f59157c1f4b0d99200c4f"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 13 Jun 2022 06:50:19 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56815
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp

8.247.219.122

200 OK

19 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
19 kB (18994 bytes)
Hash
1be723dba047b9d161bac210aa45b590
32e69231fac15b8904f652692494b0bbac202c0d
6bd39257b2dc1b6e76501519d75a7f33f252f9b77799ecb6bff6269d0cddab02

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 18994
cache-control: public, max-age=86400
etag: "1be723dba047b9d161bac210aa45b590"
expires: Sun, 05 Feb 2023 15:49:01 GMT
last-modified: Thu, 05 Jan 2023 12:10:33 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 18363
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp

8.247.219.122

200 OK

21 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
21 kB (20702 bytes)
Hash
b22461fd82cd545cd1d76913961de482
080b3d4a78f7eddd5dbe5eafad3b4f4424af0baf
39b112fb3ed31d0a9a08e1a59e1f4afa4605f6ced44d3c4df8501e0c1800ebfd

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 20702
cache-control: public, max-age=120, s-maxage=600
etag: "b22461fd82cd545cd1d76913961de482"
expires: Sun, 05 Feb 2023 05:36:57 GMT
last-modified: Sun, 27 Nov 2022 20:35:39 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55086
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp

8.247.219.122

200 OK

25 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
25 kB (25380 bytes)
Hash
440d5676d2bd5017126f563950d4b379
89b2843732f9da71a87a56711d4491df45e33743
d3141663d960c6571f5fa2a3c68e458df9b5677d15cf82fbb9f36d970217f971

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 25380
cache-control: public, max-age=86400, s-maxage=600
etag: "440d5676d2bd5017126f563950d4b379"
expires: Sun, 05 Feb 2023 05:36:57 GMT
last-modified: Tue, 13 Dec 2022 16:50:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55086
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp

8.247.219.122

200 OK

20 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (19800 bytes)
Hash
35a75c611ab854c34594028a87351a9a
1386d62e025208d9e1075ca84d357c00c451a63f
34af1d05438037b6084b186507af44ca9bb89a13ae9fe4b0349a97ce061fb5ae

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 19800
cache-control: public, max-age=120, s-maxage=600
etag: "35a75c611ab854c34594028a87351a9a"
expires: Sat, 04 Feb 2023 23:51:34 GMT
last-modified: Tue, 13 Dec 2022 10:18:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 76127
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp

8.247.219.122

200 OK

12 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11552 bytes)
Hash
daeaf08697dfed851eb599384d148280
ea4673d4419b3957216e726a94df8e1c4f736120
a3fbdd7917afd1a842718ec3e7523e65a00f56f00a5efe278d1cf1ba5d9e0171

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 11552
cache-control: public, max-age=120, s-maxage=600
etag: "daeaf08697dfed851eb599384d148280"
expires: Sun, 05 Feb 2023 05:22:12 GMT
last-modified: Thu, 28 Jan 2021 08:28:20 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56515
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp

8.247.219.122

200 OK

7.6 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.6 kB (7550 bytes)
Hash
d11c77ea0b5452913b78f4119b5dc2a6
51bd74151949ed7bfc8b75c6ff5f06695bdd3501
54b074dd43034216f6d809fd57a81c5ed43a4cee62da841ac1041cc05394cd45

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7550
cache-control: public, max-age=86400
etag: "d11c77ea0b5452913b78f4119b5dc2a6"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:57 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp

8.247.219.122

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13366 bytes)
Hash
1db91e344f38c17a8c7419ab8ddd9e05
47f3dbbc7bbef1e9aab245639b081159b1405265
a9518efd061fe5d33840220aad72d37f3145769c48cc638d61cd0757120e4e83

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 13366
cache-control: public, max-age=120, s-maxage=600
etag: "1db91e344f38c17a8c7419ab8ddd9e05"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 01 Feb 2021 07:46:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp

8.247.219.122

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
13 kB (13388 bytes)
Hash
2b8d7f30a15238b0631bdbf2afab5357
5706c1b3bd01c988932c62a995d79a639fbe1c7c
a914d629f844eb0f63f5a37090a6f6962274b82de0034afdb8be72d3ef8dbf61

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 13388
cache-control: public, max-age=86400, s-maxage=600
etag: "2b8d7f30a15238b0631bdbf2afab5357"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:18 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp

8.247.219.122

200 OK

12 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
12 kB (11720 bytes)
Hash
4150e2dc51d3a01142fa6af8c628abe0
df31ac0ab74aaef80021305871d87ed8d348bd4d
21f4124e6eb2e7c08d4276774f61c2cfb615f43987a199b86a6ba2ad98960012

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 11720
cache-control: public, max-age=86400, s-maxage=600
etag: "4150e2dc51d3a01142fa6af8c628abe0"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp

8.247.219.122

200 OK

9.1 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
9.1 kB (9094 bytes)
Hash
cf73cf5ee3883706242debc9d5f1c52e
e071e466fff51b6bff7edf48405c959865bdbe28
53e6a25ee8451c110b3f96164a7917bb8e6f4dfdcf84ec373eebd5b4dc56d88c

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9094
cache-control: public, max-age=120, s-maxage=600
etag: "cf73cf5ee3883706242debc9d5f1c52e"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 21 Jul 2022 06:10:55 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp

8.247.219.122

200 OK

20 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
20 kB (19720 bytes)
Hash
c5afa6355f19096a19923a487d4fdf26
3f7037b18f68106e632e22acdfa5494c7a8cdb55
92665dec153ab94c0fed1d76d80a2feaf91f9b01a473648d87cd150a6631ef99

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 19720
cache-control: public, max-age=120, s-maxage=600
etag: "c5afa6355f19096a19923a487d4fdf26"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:51 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp

8.247.219.122

200 OK

8.8 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.8 kB (8800 bytes)
Hash
93bf4b295b8f915d635a7eee111796f5
e38064f3a1f2da3bab4a94b591a26e8ddac42ff5
d630ddc2f99ff9bc2d2bbb207a0fa7aad4ffbdc4340d618ce025fc24e2466023

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8800
cache-control: public, max-age=120, s-maxage=600
etag: "93bf4b295b8f915d635a7eee111796f5"
expires: Sun, 05 Feb 2023 05:22:12 GMT
last-modified: Thu, 28 Jan 2021 06:00:35 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp

8.247.219.122

200 OK

11 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
11 kB (10554 bytes)
Hash
a9a36fedcff872396a9f3c7f790713a3
b401c66a5f8b5ab3422964dc1df540bdee8897c8
af610352cfbaf762bac809c78a4cd3c768e412c9bf3a3e2a8f795cded58dc474

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/1st.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10554
cache-control: public, max-age=86400, s-maxage=600
etag: "a9a36fedcff872396a9f3c7f790713a3"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 21 Nov 2022 08:30:50 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp

8.247.219.122

200 OK

27 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 375x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (27234 bytes)
Hash
38b7f70e41882a799ace2f3c818d36c0
c2ab674ec024937c957f2f716e7e0844ae52861c
8d026959d781637e6b7fa2fcaed09ff8e91b8454b485096c8d3f083b0f2b7d38

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 27234
cache-control: public, max-age=120, s-maxage=600
etag: "38b7f70e41882a799ace2f3c818d36c0"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp

8.247.219.122

200 OK

24 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
24 kB (23474 bytes)
Hash
09323130f34df1a82f4b2fbe5728296f
635ea77ca643c7e92d9407bf8dff6016f7e2e2c8
c0244cf31766824e9b248cb499f6ec4c5be5b95de5bccffe7654e17a2a4001cf

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 23474
cache-control: public, max-age=120, s-maxage=600
etag: "09323130f34df1a82f4b2fbe5728296f"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:42 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56812
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp

8.247.219.122

200 OK

14 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
14 kB (14392 bytes)
Hash
ea131523f0dbb86a73e247f98c86ed82
d538e4893a52f1040639371f9e38f25e85cd195f
34e829b145622e4f7e44c1c33132f8d3bc56193689b475076ba1952559bc3f20

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 14392
cache-control: public, max-age=120, s-maxage=600
etag: "ea131523f0dbb86a73e247f98c86ed82"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:59:46 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56812
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp

8.247.219.122

200 OK

10 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
10 kB (10068 bytes)
Hash
c9e8e718698c0f70d56eff746ab89734
b31c32f767e2c80571df6ae0ba737847eca1ef97
bd7a052b317db19cd25c186b39db56c04cabb209b039644f51cc4874270a4b4b

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10068
cache-control: public, max-age=120, s-maxage=600
etag: "c9e8e718698c0f70d56eff746ab89734"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp

8.247.219.122

200 OK

26 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
26 kB (26188 bytes)
Hash
3529a9950536352cadc5022231d76608
2883dfd254a6b2ac531e7749bd0986dd4c26b077
f9b9979b91624cafcb1f44cdf9b1a3926417ca700046a19466a94335ff8090cf

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 26188
cache-control: public, max-age=120, s-maxage=600
etag: "3529a9950536352cadc5022231d76608"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Thu, 22 Apr 2021 14:23:33 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55409
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp

8.247.219.122

200 OK

5.6 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
5.6 kB (5648 bytes)
Hash
a7827f5cae9db8756a23863a4a0af5a2
0d497835a173b7bce3b9e40fa8528f1d98cfbb37
cee7f08a00be265513188debfe6ff87fe90d51800b6db9d737beb8dbc8c7d24f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 5648
cache-control: public, max-age=120, s-maxage=600
etag: "a7827f5cae9db8756a23863a4a0af5a2"
expires: Sun, 05 Feb 2023 12:26:35 GMT
last-modified: Thu, 28 Jan 2021 05:56:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 30520
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137

178.253.15.12

200 OK

12 kB

URL HTTP/2
1xlite-277345.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
178.253.15.12:0
ASN
#0

File type
data
Size
12 kB (12137 bytes)
Hash
d5d860daea2a9f84ae1161fb124ede26
57a377d890f6fd8bf56f2bdcf140c26670c7fe5b
b1ac1718959133c4d4f1f035a98d27564ed1ed1cb324a4e0d2a2d5ee326077c1

HTTP Headers

GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=89, dt_285;dur=91
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp

8.247.219.122

200 OK

8.1 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.1 kB (8130 bytes)
Hash
cec1abd6fa116d6d6113a76b239c8a81
8d36bb1ce8005f056d872e3d9a742d3e02d06a1d
b647f617d8fc08098c54645532d40ca40a067c878bf6229dcd16579ac86b9f12

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8130
cache-control: public, max-age=86400, s-maxage=600
etag: "cec1abd6fa116d6d6113a76b239c8a81"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:57:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp

8.247.219.122

200 OK

8.7 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
8.7 kB (8700 bytes)
Hash
e252f07758113d880371090ec6efa541
79e62e9eac0e64d0bf74ce7df73b8357704200d7
34eef57ccb0440558471d63c20c94dc49bc4d0572259c4d50c9a3413b433ff67

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8700
cache-control: public, max-age=120, s-maxage=600
etag: "e252f07758113d880371090ec6efa541"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:32 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp

8.247.219.122

200 OK

7.9 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.9 kB (7914 bytes)
Hash
c800b5cedfef8fc10c5700df8dbed4ad
574487c9147fc54dcf9403557298089530b70f04
c4c79cb2476e2d87a7a02b07f1d694752d015b8f8bf68928bfde3b10c16e1a8f

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/race.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7914
cache-control: public, max-age=120, s-maxage=600
etag: "c800b5cedfef8fc10c5700df8dbed4ad"
expires: Sun, 05 Feb 2023 07:51:57 GMT
last-modified: Thu, 28 Jan 2021 08:28:21 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 47711
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp

8.247.219.122

200 OK

7.1 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
7.1 kB (7110 bytes)
Hash
dc314f88e6596ca91d19a3b6027e1360
a70a751ba925d3b090d70091e4a26afbd0650ba0
416b4ee74667eb9bf69ca8c78d66361b6058ae06c62c82d43d6c2e65811e80fd

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7110
cache-control: public, max-age=86400, s-maxage=600
etag: "dc314f88e6596ca91d19a3b6027e1360"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:29 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp

8.247.219.122

200 OK

27 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
27 kB (27398 bytes)
Hash
688be311173fb9c91088f45d81be2e78
62103ee52b02444cb76ca3f5a47acbd84e1ba189
942f092954a412236c206359f47bb2e3ceba5954b54f2c00c988940c0d9bd801

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 27398
cache-control: public, max-age=120, s-maxage=600
etag: "688be311173fb9c91088f45d81be2e78"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:57 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56810
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp

8.247.219.122

200 OK

62 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3\012- data
Size
62 kB (61571 bytes)
Hash
5aaddf2c56dd3132a3eb40fd514309c6
74dc6650e0bc516bbefbe1da71fb5e0243e69191
5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 61571
cache-control: public, max-age=120, s-maxage=600
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Wed, 12 Oct 2022 09:29:43 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp

8.247.219.122

404 Not Found

118 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
118 B (118 bytes)
Hash
b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: text/html; charset=utf-8
content-length: 118
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp

8.247.219.122

200 OK

6.2 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
6.2 kB (6224 bytes)
Hash
c92bc7216404cb1bc46cad557d04a4b4
3ad6adb66ed52e54ef1d7adffaec4bf03f51d6df
f652aafdaab581a7843ca7939067e4bacfb5c09255a6408c76644187470ca00b

HTTP Headers

GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: application/octet-stream
content-length: 6224
cache-control: public, max-age=86400
etag: "c92bc7216404cb1bc46cad557d04a4b4"
expires: Sun, 05 Feb 2023 05:08:36 GMT
last-modified: Mon, 13 Jun 2022 06:52:38 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56789
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
366d040b8e2064d3b4cc70fb1da70c80
ae6cc090670772a3a7a203aaf2ee0a6a68d1b369
ebdcc34dc012d16953852e466b4c65e2fc838272fa1ffc50a98cd4b7fc5dbc26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 702
Cache-Control: max-age=137466
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:04 GMT
Etag: "63de3964-117"
Expires: Mon, 06 Feb 2023 11:06:10 GMT
Last-Modified: Sat, 04 Feb 2023 10:54:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
366d040b8e2064d3b4cc70fb1da70c80
ae6cc090670772a3a7a203aaf2ee0a6a68d1b369
ebdcc34dc012d16953852e466b4c65e2fc838272fa1ffc50a98cd4b7fc5dbc26

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 702
Cache-Control: max-age=137466
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:04 GMT
Etag: "63de3964-117"
Expires: Mon, 06 Feb 2023 11:06:10 GMT
Last-Modified: Sat, 04 Feb 2023 10:54:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

1xlite-277345.top/web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df

178.253.15.12

200 OK

0 B

URL HTTP/2
1xlite-277345.top/web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-277345.top/en/bonus/rules/1st
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-277345.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139; _gat_gtag_UA_178408567_1=1; is_rtl=1; fast_coupon=true; v3fr=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=31, dt_285;dur=32
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true

178.253.15.12

200 OK

0 B

URL HTTP/2
1xlite-277345.top/frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
etag: W/"13c2-IxI/MvfOjnZceInPs01vdyNzRj4"
server-timing: total; dur=0.897426; desc="Total Response Time"
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

suphelper.com/widget/injector.js

104.16.43.72

200 OK

0 B

URL HTTP/2
suphelper.com/widget/injector.js
IP
104.16.43.72:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d49403fd-098b-41ec-b2fa-70a24447f25c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Tue, 03 Jan 2023 09:24:23 GMT
etag: W/"28e6c-18576f23558"
vary: Accept-Encoding
cf-cache-status: HIT
age: 294
server: cloudflare
cf-ray: 79464e1d0f1c98f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

1xlite-277345.top/bonus/rules/1st

178.253.15.12

302 Found

0 B

URL HTTP/2
1xlite-277345.top/bonus/rules/1st
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
location: /en/bonus/rules/1st
reason-v3: empty_lang
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=149
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 07 Feb 2023 20:54:58 GMT
auid=sv0PDGPexiK8Lk3zA5bzAg==; path=/; secure; httponly; samesite=lax
X-Firefox-Spdy: h2

1xlite-277345.top/translation-api/by-lang/en

178.253.15.12

200 OK

0 B

URL HTTP/2
1xlite-277345.top/translation-api/by-lang/en
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translation-api/by-lang/en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
etag: "bffc98347ee35b3ead06728d6f073c68"
server-timing: p;dur=27
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js

8.247.219.122

200 OK

0 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js
IP
8.247.219.122:0
ASN
#3356 LEVEL3

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/desktop/default/app-5cd67df7.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 186313
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-2d7c9"
expires: Sun, 05 Feb 2023 07:48:19 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47204
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-277345.top/web-api/api/v3/bonuses/first-deposit

178.253.15.12

200 OK

0 B

URL HTTP/2
1xlite-277345.top/web-api/api/v3/bonuses/first-deposit
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=100
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-277345.top/en/bonus/rules/1st

178.253.15.12

200 OK

0 B

URL HTTP/2
1xlite-277345.top/en/bonus/rules/1st
IP
178.253.15.12:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /en/bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
server-timing: total;dur=1;desc="Nuxt Server Time", dt_285;dur=2
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (31)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL