1xlite-277345.top/bonus/rules/1st
178.253.15.12301 Moved Permanently 162 B URL HTTP/1.1 1xlite-277345.top/bonus/rules/1st
IP 178.253.15.12:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 04 Feb 2023 20:54:58 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1xlite-277345.top/bonus/rules/1st
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3616
Expires: Sat, 04 Feb 2023 21:55:14 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6744
Expires: Sat, 04 Feb 2023 22:47:22 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14447
Expires: Sun, 05 Feb 2023 00:55:45 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 20:43:39 GMT
content-type: application/json
age: 679
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LpQnMjF5yNbxcjK73gOssVz7CqBIRp9W1b8HSeMyzfjtCVNcKEmKnl0x90T09fxbDbl4s0yvtyA=
x-amz-request-id: Q3KNVP95853JVSAP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 20:52:58 GMT
age: 120
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b6575ab2d48f1828d572e7704f5b7e40
9fc0564dd4f4ad5d41f611542eda099d79e660b8
9c2e62a06020716a64a4eb80baf107a62e17dac282bc143c0e4df66f848bb9e0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C2E62A06020716A64A4EB80BAF107A62E17DAC282BC143C0E4DF66F848BB9E0"
Last-Modified: Thu, 02 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=91
Expires: Sat, 04 Feb 2023 20:56:29 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 20:07:19 GMT
age: 2859
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:54:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3808
Expires: Sat, 04 Feb 2023 21:58:26 GMT
Date: Sat, 04 Feb 2023 20:54:58 GMT
Connection: keep-alive
push.services.mozilla.com/
44.239.226.203101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.239.226.203:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wCYHJEyScXcX/YYQf27G2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: npR9pRHCwSglH685gg54hR9x8E4=
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dcd8c82da2ec392cc7fd83d81e5f415b
3e3420209787577f2b3b1203dc2bd049fc74728d
739e0053a05a04cd2113c3e3d84b6261a6f516cdcce21aeaa866243543f6db3c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 20:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 03:03:03 GMT
Expires: Thu, 09 Feb 2023 03:03:02 GMT
Etag: "3e3420209787577f2b3b1203dc2bd049fc74728d"
Cache-Control: max-age=367082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79464e00be54b4f4-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash dcd8c82da2ec392cc7fd83d81e5f415b
3e3420209787577f2b3b1203dc2bd049fc74728d
739e0053a05a04cd2113c3e3d84b6261a6f516cdcce21aeaa866243543f6db3c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 20:54:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 03:03:03 GMT
Expires: Thu, 09 Feb 2023 03:03:02 GMT
Etag: "3e3420209787577f2b3b1203dc2bd049fc74728d"
Cache-Control: max-age=367082,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79464e00be250b65-OSL
v3.traincdn.com/version.json
8.247.219.122200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.247.219.122:0
Hash 2ff0903e2cf1934343d552ae57e72026
4ba867a032cfd0e85d695429de231d14c4c4dd56
ffa5642106dbd12dea7a3bd3a05ec8c1a34a9ce87385221b32f65da552cd631d
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63dd300c-2c"
expires: Sat, 04 Feb 2023 20:55:54 GMT
last-modified: Fri, 03 Feb 2023 16:02:20 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 7
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d1370efa.css
8.247.219.122200 OK 42 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/d1370efa.css
IP 8.247.219.122:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a879f84cec3460f101ef164f914a9c6f
f9c1cd31b3f1bb847245c18e7209811719160ad3
7bc187d468cfe2a86bce9d834d0e952076e2ed028e7dd748fdabd2665de0718d
GET /_nuxt/desktop/default/css/d1370efa.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 41552
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-a250"
expires: Sun, 05 Feb 2023 07:48:17 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47203
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 6d7fea20d77b819b58adadbbdda13e09
fd5853ef4bdcacd6709bca03c26da90b049c6ad1
a1d4c5dd1e34e70339ef4de3bc3de6ed69aeca18fcfd217612c00937c61f40e3
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Feb 2023 20:54:58 GMT
date: Sat, 04 Feb 2023 20:54:58 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/5f146d7c.css
8.247.219.122200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/5f146d7c.css
IP 8.247.219.122:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e639fe968ccd7c0c724bb3e017f6a1b0
ba2ad1f65f65cb90ee56a5e9440250addeb0222a
0cfa37dbc1cfd74f9a7b6b3c6fd54ddb921dbdd0c6f857775b2b3bd381a6fa7a
GET /_nuxt/desktop/default/css/5f146d7c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 12852
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-3234"
expires: Sun, 05 Feb 2023 12:28:16 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30404
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.15.12200 OK 352 B URL HTTP/2 1xlite-277345.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.15.12:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
expires: Fri, 03 Feb 2023 12:55:50 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 5452c58c07ce8d3cade93b323b271c35
581b1e438daeb32a12feaf50f2aab17dcf3e3171
b99ea2af71e697f45db51732f7d3e8d3e50258c9c96e50a772b8c4638577140a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js
8.247.219.122200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-74f9911d.modern.js
IP 8.247.219.122:0
File type ASCII text, with very long lines (39801), with no line terminators
Hash d273b47723ce561b91af027e29cbfdbf
550c74205ef72b7b22fca464adf38742c473597c
e0b5db6ac487049158c077bc93cad89e515b379556c6b23fc5e97f4b4efeefbd
GET /_nuxt/desktop/default/runtime-74f9911d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 12699
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-319b"
expires: Sun, 05 Feb 2023 13:04:05 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 28256
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/app-9a3fc913.modern.js
8.247.219.122200 OK 86 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-9a3fc913.modern.js
IP 8.247.219.122:0
File type ASCII text, with very long lines (65476)
Hash c290898569357af9f18833ab57cf7b68
fca8801b14f3943b8917555946e096633eced15d
b4781a3e1ea974324860261d3977ae149747115fcc053c7dde75b0fb617a9473
GET /_nuxt/desktop/default/commons/app-9a3fc913.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 86118
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-15066"
expires: Sun, 05 Feb 2023 07:48:17 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47204
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 22:02:00 GMT
expires: Mon, 29 Jan 2024 22:02:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 514380
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js
8.247.219.122200 OK 216 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js
IP 8.247.219.122:0
File type Unicode text, UTF-8 text, with very long lines (65396)
Size 216 kB (215714 bytes)
Hash 0e97c99f75258fc41467962d8c2855f5
c2d00bee098c824612fd032c0b723e03f8bb63a8
f8f0e24867d731be762057259277c46d1ecf0d568b3a0dac959866d9e0b0e9c1
GET /_nuxt/desktop/default/vendors/app-a1c33ba1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 215714
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-34aa2"
expires: Sun, 05 Feb 2023 07:48:18 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47203
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20535
Expires: Sun, 05 Feb 2023 02:37:15 GMT
Date: Sat, 04 Feb 2023 20:55:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 114e345e134986d7451148fcea31b29d
541e878afee68c8802bb52b0cbbe5a5a0a185392
5030244d4babd1023166f39c935029d789a91ba90aa3a44c6f4c88ddc947b678
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F524a46fd-88eb-4539-9d8b-1ac679ae5990.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8211
x-amzn-requestid: 2df5779a-a808-46ec-9246-1a9b9bddd9e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmKLVHwroAMF72Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bd7b-3cfe97e07d17958836425784;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:04:27 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _VFg0FMYa1Dg55fLpJTwdX2uZXkYjZSFdbdAKqGQu7GF2dPiawKh1g==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 07:29:26 GMT
age: 48334
etag: "541e878afee68c8802bb52b0cbbe5a5a0a185392"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 82733
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 82474
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 82156
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 52496
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 82179
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js
178.253.15.12200 OK 4.6 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (12527), with no line terminators
Hash cc11d5b7bbd6e6858509feadbced10ce
92de5487b90e66565d1f62ad03cd40c0506c4b30
8272e7505b2d95de0730eb394dae39e1b31e4cb0fc99d0b45964d0e7afef2e46
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-b5bb9776.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 4563
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-11d3"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js
178.253.15.12200 OK 22 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (65476)
Hash 5dc25e067ee5924700e409963eb73cb1
7e2a61e3fb985b4af152335770f4854398bc8512
cbb81eff45780ffd409ada8dad098b3c9c910b1e5a2b5dbea9d64cc8fe0e3d49
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-568bcfd9.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 21836
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-554c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js
178.253.15.12200 OK 7.1 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js
IP 178.253.15.12:0
File type Unicode text, UTF-8 text, with very long lines (27736), with no line terminators
Hash 85f1ac0f3222f7d168751928aae86e87
e8dcd0189e3c61f0d451ba23829bdf34c75876b1
11264af04447d2c1a0202168ee9278d09031c8764205b3f5938a78c84024d148
GET /_nuxt/desktop/default/vendors/Footer/Layout.Information/Layout.Office/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Pag/f2c03efd-e79f5416.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 7133
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-1bdd"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/css/328d4387.css
178.253.15.12200 OK 2.2 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/css/328d4387.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (18385), with no line terminators
Hash 929aca40e43201b0f3257a0ced9e8813
fd964d7adfac6b709cad92fdddb7d207fd57ec05
429c3d3ba9a039180694733cda6d2e09c5b6dc5b088c3acb252b46ca9f9c2baf
GET /_nuxt/desktop/default/css/328d4387.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 2197
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-895"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js
178.253.15.12200 OK 2.5 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (8713), with no line terminators
Hash 8f17e5337b0f196e380b7c440da630f9
b5acc24b3eef7cbd560b814941aee6ef9ad45e8d
65968e0a70f0ecba8b9c42ebc5cd8dabbb6577b399b9a556ebda86bbbd244cfc
GET /_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/1ffcb409-912f77b9.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 2528
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-9e0"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/css/d849a619.css
178.253.15.12200 OK 865 B URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/css/d849a619.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (4739), with no line terminators
Hash 4e1dc12d0c413758d244b310695e9bdb
4f61ac3973c05afddaf56166e37ea00d0120d1e2
e88b057b78765e19d92938195dd0f86aefb55b7813e8492b5e8ffb8c82a593c4
GET /_nuxt/desktop/default/css/d849a619.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 865
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-361"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js
178.253.15.12200 OK 6.6 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js
IP 178.253.15.12:0
File type Unicode text, UTF-8 text, with very long lines (20477), with no line terminators
Hash 43950871ddb92bc0998ec328688b92ea
96dcf9f0b116e8dc52f78287df13e3a6e028e32c
d78c700e75ecfaa77c5a38ff10f60d34c4b7c6e39b6dfa1148aef2788cd9273c
GET /_nuxt/desktop/default/Page.Bonus-229a3c35.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 6643
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-19f3"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js
178.253.15.12200 OK 7.2 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (26619), with no line terminators
Hash 6c9d6059443cd47312c41ce82a6c6d62
b41c02316cab5d65f7a1a5ba3c09e5c9ac87df5b
67fb0162f4be1fd3948fb4c6971a953c989f4ec4d639805b8b239a2ace95585d
GET /_nuxt/desktop/default/vendors/Page.Bonus.Rule-5ee4fea5.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 7184
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-1c10"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/css/f6cdbb44.css
178.253.15.12200 OK 796 B URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/css/f6cdbb44.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (3255), with no line terminators
Hash d680af5ca1534d0b85966227a011588a
7cd91408dfe2f679dbccd543fb2a6bc84f15741e
75bcd2b688baa1237c656bc1dd2b4effa502845b7d851e870fac77386e810637
GET /_nuxt/desktop/default/css/f6cdbb44.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 796
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-31c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js
178.253.15.12200 OK 4.0 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (11739), with no line terminators
Hash fd3fcb8447772803055c9a1713c265ee
7f398e8ae4a6ea3ecb7f59bdb490127ec3d38c8d
1800ce170f2e6bbbbb172505ed66457d6a8776fea9d5f61a65a879134af95b70
GET /_nuxt/desktop/default/Page.Bonus.MainPage/Page.Bonus.Rule-1df7ff80.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 3972
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
vary: Accept-Encoding
etag: "63dd2f19-f84"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/css/b3c07b1b.css
178.253.15.12200 OK 1.7 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/css/b3c07b1b.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (10923), with no line terminators
Hash efd54ab0c29f11490b448521d8891164
49ce47d5a482b69b5495a50b39798d9fb6228cc1
e506963127e23229d92dd94ef65cfae4ddbb98fa34cfb5e3464c8fde4796f792
GET /_nuxt/desktop/default/css/b3c07b1b.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: text/css
content-length: 1655
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-677"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js
178.253.15.12200 OK 6.5 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (22431), with no line terminators
Hash d78659e6e7aae86d8d5c2451752c1c55
00df90fcb2c548d3b3ed254acfef489656762385
c208a0a3cfbf373a1c4ac84432d53b87b475736e5ad43c80efefce92a3bc13ca
GET /_nuxt/desktop/default/Page.Bonus.Rule-7012baaa.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 6521
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-1979"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:00 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858
178.253.15.12200 OK 145 B URL HTTP/2 1xlite-277345.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858
IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1675544137858 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Sun, 05 Feb 2023 20:55:00 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/pwa
178.253.15.12200 OK 15 B IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
GET /pwa HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=18
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/css/f9d99aa7.css
178.253.15.12200 OK 943 B URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/css/f9d99aa7.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (3303), with no line terminators
Hash e4fd04067fd4cb615dafb76ce8c62729
1ba7bf93e0a2a8f316add4efd676d7268b4e7f6d
7dbd3f29a56002bfe747432dc14ef29fabf8556fc7998c85ee5a32b945d083f0
GET /_nuxt/desktop/default/css/f9d99aa7.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: text/css
content-length: 943
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-3af"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/frontend-api/site-conf/getLangs
178.253.15.12200 OK 19 kB URL HTTP/2 1xlite-277345.top/frontend-api/site-conf/getLangs
IP 178.253.15.12:0
Hash 5906dd68b88a58405858eff37816751d
b693bee576a51947c2b0e71f14651f126851c3d7
45d68af92f0a9d2105c149a589eac5f95c7e3c687fca76b17b9cf01696ab5290
GET /frontend-api/site-conf/getLangs HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
etag: W/"103a-kvktpoX4jjo8MYK8JJV3xSQ+q/M"
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js
178.253.15.12200 OK 2.6 kB URL HTTP/2 1xlite-277345.top/_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js
IP 178.253.15.12:0
File type ASCII text, with very long lines (9012), with no line terminators
Hash 7f71df8e5905c322b3d249323ff3f6a9
7e3d1e624bc7f16f2f6b3239bcdb5cbcef86e743
f687321546ec2f899f7652ec7d2b49f0f53392ebde3d8a9c056b8e28e7170fd4
GET /_nuxt/desktop/default/date-fns-locale-21-86259fdc.modern.js HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 2644
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
vary: Accept-Encoding
etag: "63dd2f1a-a54"
content-encoding: gzip
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/service-api/DbService/LongCache/GetSports?lng=en
178.253.15.12200 OK 3.3 kB URL HTTP/2 1xlite-277345.top/service-api/DbService/LongCache/GetSports?lng=en
IP 178.253.15.12:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10161), with no line terminators
Hash 36dab8cc27a156946f6427146666d310
73a5a7895e4ae18f1fe27935943b7ccfd4d13650
2417df8ddfae847cece86ccecb376f1059811c1bc5fcf8091045b23908e05e63
GET /service-api/DbService/LongCache/GetSports?lng=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 3308
cache-control: public,max-age=1800
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/internal/v1/blocks/check
178.253.15.12204 No Content 0 B URL HTTP/2 1xlite-277345.top/web-api/api/internal/v1/blocks/check
IP 178.253.15.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/api/internal/v1/blocks/check HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
cache-control: no-cache, private
server-timing: p;dur=43, dt_285;dur=48
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js
8.247.219.122200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-99cae2fc.modern.js
IP 8.247.219.122:0
File type ASCII text, with very long lines (2509), with no line terminators
Hash dce8d0096cbc8c992ada35d76b5b0626
567bd5b7a95727ecbf6e69fff0607dd94f21d447
4ae3cfb4ab3e366245dd9c51cb7127ffb0a4f7f3e07e710289a057cfa4cec48a
GET /_nuxt/desktop/default/DC-99cae2fc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-43c"
expires: Sun, 05 Feb 2023 07:48:32 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47189
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css
178.253.15.12200 OK 6.9 kB URL HTTP/2 1xlite-277345.top/genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css
IP 178.253.15.12:0
File type ASCII text, with very long lines (36504), with no line terminators
Hash 4993c46ab4cd5306156dfc3f8f081cf6
84b6c57cc2d383da8ee0dcdeed021f5b5e6fa874
7cdadc4f0cc36c451e15d75195206ac7526c6103b24f36d6e5ea9688626ffe43
GET /genfiles/cms/pg/285/css/value/42ba9774b8aea778d6717e7c99850e83.css HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Fri, 03 Feb 2023 11:44:04 GMT
x-rgw-object-type: Normal
etag: W/"d932a4ba154cc5607da3166fdb676f78"
content-encoding: br
expires: Sat, 04 Feb 2023 21:55:01 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/internal/v1/sessions/user
178.253.15.12200 OK 45 kB URL HTTP/2 1xlite-277345.top/web-api/api/internal/v1/sessions/user
IP 178.253.15.12:0
Hash 1c2788de895a01eec1c72b84af336c52
7bda9f5d49ec29c21495e0604f4bf449b6e8fcbc
2b2e3bffb4da1173fe19b898050c3044cc2c6017c53b8a10ded2e7ce5c63d1f3
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=31, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/version.json?timestamp=1675544138780
178.253.15.12200 OK 44 B URL HTTP/2 1xlite-277345.top/version.json?timestamp=1675544138780
IP 178.253.15.12:0
Hash 2ff0903e2cf1934343d552ae57e72026
4ba867a032cfd0e85d695429de231d14c4c4dd56
ffa5642106dbd12dea7a3bd3a05ec8c1a34a9ce87385221b32f65da552cd631d
GET /version.json?timestamp=1675544138780 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
content-length: 44
last-modified: Fri, 03 Feb 2023 16:02:20 GMT
vary: Accept-Encoding
etag: "63dd300c-2c"
content-encoding: gzip
expires: Sat, 04 Feb 2023 20:56:01 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js
8.247.219.122200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js
IP 8.247.219.122:0
File type ASCII text, with very long lines (13485), with no line terminators
Hash 7f06e639dd356a59266d9c9f189ba386
0d6c16ba6360996937d586b90845213cb8bfc025
8a428f94da4415c5199b54e1630690845fb0f14bcb86e1196a0fbd5a946088d9
GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-dbc4cdbe.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 5404
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f19-151c"
expires: Sun, 05 Feb 2023 07:48:36 GMT
last-modified: Fri, 03 Feb 2023 15:58:17 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47187
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/converslon/load
178.253.15.12200 OK 6.0 kB URL HTTP/2 1xlite-277345.top/web-api/api/converslon/load
IP 178.253.15.12:0
Hash a5f99b6b26781f672431936c654bd018
90e3c521fec9b5cf1346b9bd931509691782c818
bd0a6e14c461ed8578afbc33afe184db6296672f3964d2d0f0e9513aae5192b7
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js
8.247.219.122200 OK 26 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js
IP 8.247.219.122:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 35d71792c0a2c59cedeb3d5d9026dee4
17fecb3ac077b96043d8783c00e47143dcb0dc1d
4f2f8e80f034a1091f561a49e7ddfc18905ac384041c25aeff7f9aab2730b9fa
GET /_nuxt/desktop/default/vendors/conversion-0f46e8a9.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 26241
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-6681"
expires: Sun, 05 Feb 2023 07:48:36 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47187
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c
142.250.74.168200 OK 79 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (24181)
Hash f9bc45c5fc18a6743eea619f185fe5a3
05279ac2480542025ba72e7bbcba559a11f5d910
951531ef24540c59e8fc180c12b90b2ebada5a69507e87e6445e40e344e86911
GET /gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 04 Feb 2023 20:55:01 GMT
expires: Sat, 04 Feb 2023 20:55:01 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 79356
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json
8.247.219.122200 OK 18 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (54625), with no line terminators
Hash d4d6a4eea0614783818765304da03f46
df737da9b5781485bcf9f15751c9a90143d0eed6
a744d920bd73e39bbb8580511a2bd04fcc9e84a60850fb7308f4d69eade31744
GET /genfiles/web-app-v2/dictionary2/v3_main/en/dictionary_af5a3a8ec3cd3a3091cc936e8c4a5a54.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 18415
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"845619c9ec905724a73e8257d750cdff"
expires: Sun, 05 Feb 2023 15:29:24 GMT
last-modified: Sat, 04 Feb 2023 15:28:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json
8.247.219.122200 OK 4.3 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13828), with no line terminators
Hash 700316513eb73d58378f5c97a9377279
855a843cf59d5324793b59e3562e9dca1a23ad57
49fe6ee1e739dc224a158910707c8657f14f1a9494815b4d247779e9eb028463
GET /genfiles/web-app-v2/dictionary2/v3_game/en/dictionary_6d5b944fdd0a3c4562548c0f733c85c2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 4286
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2ed73d68ee903a45b01ffd3b426f80e0"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:41 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json
8.247.219.122200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14938), with no line terminators
Hash 55b7565ef2817c68df52561cf23f5110
51d6ab7f596bf4aa98d1ad514f9c57ceb0fc7917
85f0af0811edf27af6b6b896fa99639ec5bbc8fb2094b29aee298b4e29eec442
GET /genfiles/web-app-v2/dictionary2/v3_coupon/en/dictionary_3f33351716421034b67a836e912e10ab.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 5379
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"834a01076db8c043427a4a7b3885eb44"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json
8.247.219.122200 OK 2.9 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6946), with no line terminators
Hash c5627cfc9263bfa46cd4ea5aef248e50
326d8426b11dc1bc0ea392895b9c31972086a4cb
0b69b3a1b1db8abd521f156913ced27c1eead74bf8842da2ac9bed76a40d2ae9
GET /genfiles/web-app-v2/dictionary2/v3_auth/en/dictionary_61e1dd9c431b53198066dde19642073d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2869
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"8f5719ed0f4449d144be3d7114924dde"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19541
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json
8.247.219.122200 OK 2.2 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with very long lines (5508), with no line terminators
Hash 5587d36f4a39a6bbf72e1e5d90ee7f74
9ae5fd7df78e0f251b468cfbb9b8589262b10c6b
07f4ce15810c016bda543b1c8e2004c9244da1a5c9d9d8c29f1d2f54b16e4ffa
GET /genfiles/web-app-v2/dictionary2/v3_registration/en/dictionary_0eed2ead505c30525443faea303c4b23.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2248
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"ce5f95fa1fa98ffb6a58678180f4d447"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:28:46 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19542
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json
8.247.219.122200 OK 458 B URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with very long lines (458), with no line terminators
Hash d9a5e041edcb5b0bb0548005d21838f1
979ea3464de824a694b115b56084a81b5cb51de9
fc107b3add846c6ef1b54e1005a619aaaecca4a3b7b703b4b99ab8777cd3fb13
GET /genfiles/web-app-v2/dictionary2/v3_express_day/en/dictionary_322abaa2b05b21c0c9e0fdd4f3ad907d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 458
cache-control: public, max-age=86400
etag: "d9a5e041edcb5b0bb0548005d21838f1"
expires: Sun, 05 Feb 2023 15:29:22 GMT
last-modified: Sat, 04 Feb 2023 15:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json
8.247.219.122200 OK 983 B URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with very long lines (3277), with no line terminators
Hash 0c9367759e3c2171ec341afde4d6e458
03510644aa46afa07fee96a2f619cfcce87d1522
4d77e997c8fc2471be1d5ba8ad7810c860667e9f82b02ccee6d9b9de0bbc490c
GET /genfiles/web-app-v2/dictionary2/v3_forgot_password/en/dictionary_732e9fb1a0132cecc2d2b16c983b3bd1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 983
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"bc5ec175338bc45502e15ebdfe6212e2"
expires: Sun, 05 Feb 2023 15:29:24 GMT
last-modified: Sat, 04 Feb 2023 15:28:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json
8.247.219.122200 OK 2.6 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8222), with no line terminators
Hash 689ff152b09ec1636a14caf65378de31
4aa4689254470c6eb169756097ace9471e2006ab
ef870cb809ce92fc3f83eb08e75dc21c00389929fcbeae2bd1d718cfe5f48dd0
GET /genfiles/web-app-v2/dictionary2/v3_identification/en/dictionary_5a88c04a8bb43c78ae94c56b9889bb6e.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 2574
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"e6e39c9dc8a9fd5c7d7705ce761f0501"
expires: Sun, 05 Feb 2023 15:30:16 GMT
last-modified: Sat, 04 Feb 2023 15:29:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json
8.247.219.122200 OK 308 B URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with very long lines (308), with no line terminators
Hash eaea7237ed46548348d734e5785361da
2730a1f181e86add56c027c3ba8a68e38a7c6bfe
f224b7b9eaee9d1bf50508c649983d4aa6cb80777d4fcbfef96db078da931d30
GET /genfiles/web-app-v2/dictionary2/v3_identification_modal/en/dictionary_3902a8ee29caae446764d4d575b23e96.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 308
cache-control: public, max-age=86400
etag: "eaea7237ed46548348d734e5785361da"
expires: Sun, 05 Feb 2023 15:29:30 GMT
last-modified: Sat, 04 Feb 2023 15:29:10 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19538
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json
8.247.219.122200 OK 1.7 kB URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json
IP 8.247.219.122:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4009), with no line terminators
Hash ca553a3711aa89971243bc65a63c5ae7
a4614c36733b6e580e886ae5bb48728ff299a36c
6b5520c194fdaf03974d501fcf2eaf5c5fc5020e02b6837293c0e951eafad1fe
GET /genfiles/web-app-v2/dictionary2/v3_bonuses/en/dictionary_e9ff7a99c2c9e710d4cb9cc19bf36d51.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 1705
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"303bd6f7b67bf59763ab36cef4ce921a"
expires: Sun, 05 Feb 2023 15:56:03 GMT
last-modified: Sat, 04 Feb 2023 15:28:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2
radar.cedexis.com/1593429750/radar.js
45.54.49.5200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 04 Feb 2023 20:55:01 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:35 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0db-af5c"
Expires: Sat, 18 Feb 2023 20:55:01 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json
8.247.219.122200 OK 637 B URL HTTP/2 v3.traincdn.com/genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with very long lines (1389), with no line terminators
Hash b5a96f6257c379c646237c401f9f6618
1e3548f90be2474f7343adbbd560a6f3ccbbe429
85ed51e9d77c26ab3f7d143372841d290570bf4dd9b191e69f6c7d509f618b8c
GET /genfiles/web-app-v2/dictionary2/v3_promo/en/dictionary_bab7163211916a6e5b3b9a5109ed55e1.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json; charset=utf-8
content-length: 637
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"4053c251f9208ea407b3e844791d8217"
expires: Sun, 05 Feb 2023 15:39:41 GMT
last-modified: Sat, 04 Feb 2023 15:28:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 19539
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 19:45:20 GMT
expires: Sat, 04 Feb 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 4181
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json
8.247.219.122200 OK 822 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 02a58a65172a9624eeb90fc9bb386309
866c7477a35ee84b2d845addadfb9cd5f80519df
2f4f501c52a9d28e096e28785133f66dc61943b2c3349a5686fa3f8990af8886
GET /genfiles/cms/1-285/desktop/media_asset/b669e9441007201537a20828d8d4c941.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 822
cache-control: public, max-age=120, s-maxage=600
etag: "02a58a65172a9624eeb90fc9bb386309"
expires: Sun, 05 Feb 2023 03:41:47 GMT
last-modified: Fri, 16 Dec 2022 11:46:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61995
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json
8.247.219.122200 OK 436 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 6d3e6624c6649571ba2e987a8da4a156
7b5c29abc4f6a73d0be932f47426d352f5808286
10bcc57188ea877bc089bdfd16377f668f9619f5e51c611bdbbda1cae7749fdd
GET /genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 436
cache-control: public, max-age=120, s-maxage=600
etag: "6d3e6624c6649571ba2e987a8da4a156"
expires: Sun, 05 Feb 2023 03:37:05 GMT
last-modified: Wed, 09 Nov 2022 17:20:55 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62278
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json
8.247.219.122200 OK 483 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 4f175bce4122c1ebb4c3629df4b6775b
5a8a92f3c9782cd67a8437bbe17e2be32e5e82c2
3b575911138ca2ff40a5b128d692ab47b8a26643d27b64714d8b9587d4362a35
GET /genfiles/cms/1-285/desktop/media_asset/265fd4170d33ecd0a32c64ca0ee78f11.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 483
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"313a499f6965254920de0a225bc00094"
expires: Sun, 05 Feb 2023 09:14:22 GMT
last-modified: Wed, 25 Jan 2023 09:12:07 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 42067
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json
8.247.219.122200 OK 448 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 90de3384c9b579eec621ea487b349131
0df16fdafc50a5809518a6d1a0dc686db8058adc
2419e2a6bd3add5acd8133e21bf565bafba9d4e44044f13049dcfba5d963cf64
GET /genfiles/cms/1-285/desktop/media_asset/143836a8145dfd411637eaab4dc9205a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 448
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"8c0865180240e1cd2b85bbf22787a0e2"
expires: Sun, 05 Feb 2023 15:12:22 GMT
last-modified: Tue, 17 Jan 2023 15:03:51 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 20567
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json
8.247.219.122200 OK 554 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 56467e05bb35c2682bdd76175b70483c
f2cfc47acc585dd9324f4b5bd1e4b34effe8284e
94037525bec750ea8bd5e2085b31b4f5ab30753ffe39f865c7790a4f726d6e68
GET /genfiles/cms/1-285/desktop/media_asset/18512593c05fa51cf150eba714f0e81a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 554
cache-control: public, max-age=86400
etag: "56467e05bb35c2682bdd76175b70483c"
expires: Sun, 05 Feb 2023 18:17:47 GMT
last-modified: Tue, 27 Dec 2022 15:19:30 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 9437
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json
8.247.219.122200 OK 946 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 4a89e10253274b05c673a5206e745f9b
8328f1f15552ecc184cf78b9f3e400905bb90de8
c8a2fc2e700b9fb5270eb8bd5d5247b513b15da06676afcbd9eb207ab27feb4d
GET /genfiles/cms/1-285/desktop/media_asset/64632a51597e81a2bdcc97a6bc6b3a6f.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 946
cache-control: public, max-age=120, s-maxage=600
etag: "4a89e10253274b05c673a5206e745f9b"
expires: Sun, 05 Feb 2023 03:35:06 GMT
last-modified: Fri, 25 Nov 2022 15:41:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62404
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json
8.247.219.122200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 48a4ebb89730b25349ec152a0f637144
91d33953b00fa04e71b724ed52245f23d373ce43
429df5feb6040614f975a362627a0088c84ef62b2f89bb3fb6e98fd82f3fcc41
GET /genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 698
cache-control: public, max-age=120, s-maxage=600
etag: "48a4ebb89730b25349ec152a0f637144"
expires: Sun, 05 Feb 2023 03:46:34 GMT
last-modified: Wed, 19 Oct 2022 15:58:45 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61709
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/media-api/external/v1/actual-list/285
178.253.15.12200 OK 4.4 kB URL HTTP/2 1xlite-277345.top/media-api/external/v1/actual-list/285
IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with very long lines (12722)
Hash 2bad092468d017059d2d84763c5faadb
d447ec94f7cd26cd79b86861c9e5d7e99ada1061
7a2cb82b95dab4652fc76eea4b5d221459e1abf65b0f6a53ef90e930e170ab08
GET /media-api/external/v1/actual-list/285 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920; che_g=d11b141b-8844-64a4-0644-67c912ee4c37
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/json
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
access-control-allow-origin: https://gitlab.xbet.lan,https://doc.office.lan
content-encoding: gzip
server-timing: dt_285;dur=3
vary: Accept-Encoding
x-request-id: 485fc340769c9d843b0e3fb13bcb9798
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json
8.247.219.122200 OK 731 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash b48f50de824b4190dd1d21bb15d3f535
047334043ea2fe2b9767e96171837c1604d5d2b3
13a47d7e5a0fe0234a94e712a11903d64803db513029d406bf2d33aa17f5c6cb
GET /genfiles/cms/1-285/desktop/media_asset/e082f2758e8ee5513c9ecfd310537b82.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 731
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"56a5191b630a20b1a28c83a0f23b7f6e"
expires: Sun, 05 Feb 2023 03:44:09 GMT
last-modified: Thu, 24 Nov 2022 08:55:06 GMT
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61866
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json
8.247.219.122200 OK 210 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash f527e15d907f211b5113dbc56955faf1
25ddcfdc7fd0ce5ef631f86470c3a2e77a7aad8c
a1011fcf581117e91073315deb6afa6885be6809787d62f652de3796f129d983
GET /genfiles/cms/1-285/desktop/media_asset/22e76df188a133f0bc36a72b3b3f4873.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 210
cache-control: public, max-age=120, s-maxage=600
etag: "f527e15d907f211b5113dbc56955faf1"
expires: Sun, 05 Feb 2023 03:39:23 GMT
last-modified: Thu, 24 Nov 2022 09:43:23 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62139
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json
8.247.219.122200 OK 111 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash faffb5bfe33fdb8649243907d7a94bdf
162710a0dc33e410dcd71ae0d0d668fb5435a12e
0f02c603df2967927c6486280e6fa82b407d37292b42cd2093e63c7736b0f324
GET /genfiles/cms/1-285/desktop/media_asset/b7c2d85f777a0677ef3baf397653601d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 111
cache-control: public, max-age=120, s-maxage=600
etag: "faffb5bfe33fdb8649243907d7a94bdf"
expires: Sun, 05 Feb 2023 03:38:54 GMT
last-modified: Thu, 24 Nov 2022 19:45:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62168
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json
8.247.219.122200 OK 256 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 39fca623bcf1adfcddf94df7c4a64e56
7ae9112e0a0862e75880d16dd5dc5c08adf374cf
6c44cc918b0c5b8d1d75c6f1cf3c5e5a7818afd703d139ddb6701bb2c9488cf7
GET /genfiles/cms/1-285/desktop/media_asset/f21bfac77952011a6e229ba58adae02d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 256
cache-control: public, max-age=120, s-maxage=600
etag: "39fca623bcf1adfcddf94df7c4a64e56"
expires: Sun, 05 Feb 2023 03:50:22 GMT
last-modified: Fri, 25 Nov 2022 13:34:46 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61481
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json
8.247.219.122200 OK 228 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 5cac928a2f45d0805307a9c8f0aa78c4
ce1cfd7863d2f2ae2d9f5118c19a5b54c28391db
5b8285b661cd6d67311bba7e6e4bc4443540743ac6b0fa07e82a5a351a521a8c
GET /genfiles/cms/1-285/desktop/media_asset/ca16a13e90c218de51d3f5edfe6f0cc2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 228
cache-control: public, max-age=120, s-maxage=600
etag: "5cac928a2f45d0805307a9c8f0aa78c4"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 10:02:19 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json
8.247.219.122200 OK 300 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 48be76dca522651778b61fef1fd36f9b
197dc7f2871fcd308bad3bce323a80e86979f312
cc3b083e4f73b70afccad87ccf2272d175c9e83571bb59eac40d41ed48c54117
GET /genfiles/cms/1-285/desktop/media_asset/f4d7ad12e277e08b7aa2f4d49cb7d822.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 300
cache-control: public, max-age=120, s-maxage=600
etag: "48be76dca522651778b61fef1fd36f9b"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 10:46:49 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json
8.247.219.122200 OK 946 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash f41e20627f5e291f984b8554394c55e8
5b9d5e1b273b07f30ee54dfff81e60e90c433adc
20adb747045add70a6f3bcfa2aed39e89b248489cb297829f5e63d695cbfc032
GET /genfiles/cms/1-285/desktop/media_asset/1becdc1f6b59952249533c880c6880ec.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 946
cache-control: public, max-age=120, s-maxage=600
etag: "f41e20627f5e291f984b8554394c55e8"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 17:34:27 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json
8.247.219.122200 OK 492 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 248ebfceaa7a36bfde55f8b07497f6a5
1d40f8938b10f6e73858ef4d9722e3c7961b74fa
0c3933781c8928cca0da1a5138222b9a80ffc87e3158b6b5f836685dd6004895
GET /genfiles/cms/1-285/desktop/media_asset/963d69167e291893dfa57175129c3059.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 492
cache-control: public, max-age=120, s-maxage=600
etag: "248ebfceaa7a36bfde55f8b07497f6a5"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 30 Nov 2022 17:30:55 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62439
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json
8.247.219.122200 OK 225 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 6a2755cb70b088e6141be598de61c5a6
f7f991fbf9eefc45b0a72c3a43828dc00a6910bc
9610dc037558698fe911191eef8997ee9252feba71a66f9d96a01ed558c8ba1f
GET /genfiles/cms/1-285/desktop/media_asset/8b6052052084c476e3df736ea07421c2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 225
cache-control: public, max-age=120, s-maxage=600
etag: "6a2755cb70b088e6141be598de61c5a6"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Sat, 03 Dec 2022 11:12:15 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json
8.247.219.122200 OK 1.7 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 88d0490a9e8d198492747831ea278c54
46d195fb8837bedc664aa073a45c7b8c8a69bf07
68ba73152ae627378e8216d4bbb8131de929d2704def7b0fcae55039e1698c94
GET /genfiles/cms/1-285/desktop/media_asset/96881cd0fb2db04ec9d1cf86f4e4924f.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 1673
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"609aaa012670abbca24fd34d09c7b865"
expires: Sun, 05 Feb 2023 03:40:04 GMT
last-modified: Tue, 06 Dec 2022 14:12:36 GMT
server: Footprint Distributor V6.1.1162
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json
8.247.219.122200 OK 516 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 44c2f1b2b4eb264032b24fa39874154f
099c97fa7fb406570e3125f5496544a3a9e0c894
e75dd03216f6cd1eb246a349a5f143ee8bb6666dd4348fe17e6d6b69a96c9aef
GET /genfiles/cms/1-285/desktop/media_asset/3f7f8110bcd8ce0a9aa4be48ea16e1d2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 516
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"e00aa40f39b62d158796afcc79d1fdbb"
expires: Sun, 05 Feb 2023 08:41:46 GMT
last-modified: Wed, 28 Dec 2022 08:33:44 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44024
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json
8.247.219.122200 OK 99 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 706f327eb7affdd0d7a76d6aafe7a10a
8855dcb66d82ff5ad628dba4fb731682cae0256c
afaa1867678dbdf762fe021180a5f286898e7bb4af3c38c023fe312abc038df8
GET /genfiles/cms/1-285/desktop/media_asset/a63cc41bfcb34a244287322ddf38cff2.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 99
cache-control: public, max-age=86400, s-maxage=600
etag: "706f327eb7affdd0d7a76d6aafe7a10a"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Wed, 21 Dec 2022 14:36:35 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json
8.247.219.122200 OK 478 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 64ba3d1ec6aab98fd16071ae3633c67e
21a80c7002a74a180fac055443da2d11fc56016d
53d4b6974cbb9704556f6b6ca28c0d4429b0b75abd15d60aa6427038aaaad040
GET /genfiles/cms/1-285/desktop/media_asset/89565e7e77f2c2f7f8e9eca797d0601b.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 478
cache-control: public, max-age=86400
etag: "64ba3d1ec6aab98fd16071ae3633c67e"
expires: Sun, 05 Feb 2023 11:11:32 GMT
last-modified: Wed, 28 Dec 2022 10:59:54 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 35011
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json
8.247.219.122200 OK 108 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash c6fcb39c93e99663b88f79bfe8769a0a
441ee30615b3766354187ffad0db8bb8096c7e10
2c0d5e509b523eab5d7969b3671fca5e87bf5d97711a705c4f6af3955266bea4
GET /genfiles/cms/1-285/desktop/media_asset/f130397ae44629a33efc81ca213689cd.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 108
cache-control: public, max-age=86400
etag: "c6fcb39c93e99663b88f79bfe8769a0a"
expires: Sun, 05 Feb 2023 13:34:37 GMT
last-modified: Wed, 28 Dec 2022 13:18:17 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 26476
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json
8.247.219.122200 OK 358 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash fd4225daa92034cbe5e5256cc6e4d85c
50573e6f66991bc6c958dcb03538647cb6707784
81e1d39ee911b54190b55f7bd481413e720f510f146637afeab26135ac570790
GET /genfiles/cms/1-285/desktop/media_asset/d3f71fe87f4c8a4a685b8802490fd0ed.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 358
cache-control: public, max-age=86400
etag: "fd4225daa92034cbe5e5256cc6e4d85c"
expires: Sun, 05 Feb 2023 11:15:39 GMT
last-modified: Mon, 26 Dec 2022 11:01:50 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 34792
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json
8.247.219.122200 OK 99 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 731f6291c733690f0b139344337bd977
7fbf1d1c95ef6508fa1709833f404da8a3897da4
f6bbb49a8a9c9eec2c54f7e408916c74759e8f06c8b9feb99516c723c9928932
GET /genfiles/cms/1-285/desktop/media_asset/f2f4dc8e6428c223ac94654e5223001c.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 99
cache-control: public, max-age=86400
etag: "731f6291c733690f0b139344337bd977"
expires: Sun, 05 Feb 2023 10:59:33 GMT
last-modified: Fri, 23 Dec 2022 10:47:37 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 35731
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json
8.247.219.122200 OK 440 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 5d188375d8dce00cbdc0fd574d8e0bae
5fd7ecea863c61a9efc148ca5385f7e52d6b3d66
4357dc067ba824d9050578640f19cc65fc448031413178b43f57f56971781de8
GET /genfiles/cms/1-285/desktop/media_asset/7c7e70d318bb14ce46630ac438ad4964.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 440
cache-control: public, max-age=120, s-maxage=600
etag: "5d188375d8dce00cbdc0fd574d8e0bae"
expires: Sun, 05 Feb 2023 03:41:47 GMT
last-modified: Thu, 01 Dec 2022 11:01:29 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 61995
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json
8.247.219.122200 OK 464 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash dd29ab21d3e7cf4781fc0d05d2e40a0c
8d5107696ce4192ae8f473efa3b636ec1a72754e
74b39d8807a0f72cddc8081351d22ad891eda552ee8dfa6bd09a655bddb683ca
GET /genfiles/cms/1-285/desktop/media_asset/8bce932550f21c5ffba363a9e794d799.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 464
cache-control: public, max-age=86400
etag: "dd29ab21d3e7cf4781fc0d05d2e40a0c"
expires: Sun, 05 Feb 2023 18:41:55 GMT
last-modified: Thu, 29 Dec 2022 18:29:12 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 7987
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json
8.247.219.122200 OK 2 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
GET /genfiles/cms/1-285/desktop/media_asset/943706cd841a10e16466c938b658fd1d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 2
cache-control: public, max-age=120, s-maxage=600
etag: "d751713988987e9331980363e24189ce"
expires: Sun, 05 Feb 2023 03:34:24 GMT
last-modified: Fri, 16 Dec 2022 18:00:50 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 62438
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json
8.247.219.122200 OK 110 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json
IP 8.247.219.122:0
File type JSON data\012- , ASCII text
Hash 1175ec94034c5e4c4edf702837643294
351c353aaef0b02c35e4ad829b622affdc44acc4
27adb9c530ca56b61926b0a6be2032c201de21d5eb4deef3736351cc57151c04
GET /genfiles/cms/1-285/desktop/media_asset/6805816e226c2419555ce0fde3514a7d.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
content-length: 110
cache-control: public, max-age=86400
etag: "1175ec94034c5e4c4edf702837643294"
expires: Sun, 05 Feb 2023 17:26:17 GMT
last-modified: Thu, 29 Dec 2022 17:18:40 GMT
server: nginx
access-control-allow-methods: GET
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 12525
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.247.219.122200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.247.219.122:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sun, 05 Feb 2023 03:09:48 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 63918
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je3210&_p=77203338&cid=516282023.1675544139&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675544139&sct=1&seg=0&dl=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-277345.top
date: Sat, 04 Feb 2023 20:55:02 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 07:51:59 GMT
expires: Thu, 01 Feb 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 306183
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.35200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 373556
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.35200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Feb 2023 12:24:15 GMT
expires: Thu, 01 Feb 2024 12:24:15 GMT
cache-control: public, max-age=31536000
age: 289847
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1xlite-277345.top/_nuxt/Desktop/Default/svg-sprites/common-2000139.svg
178.253.15.12200 OK 44 kB URL HTTP/2 1xlite-277345.top/_nuxt/Desktop/Default/svg-sprites/common-2000139.svg
IP 178.253.15.12:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 7e83acc280b6699b5dd0b353a5d44712
80ed52aeafd6dceea8b097a33e5534e4eecb6b7b
3f35574d9a746ac4743f3b52d0f467f67881e46862a1b702975e8d05c66b1017
GET /_nuxt/Desktop/Default/svg-sprites/common-2000139.svg HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
etag: W/"63dd2f1a-1b712"
expires: Sun, 05 Feb 2023 20:41:35 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js
8.247.219.122200 OK 18 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js
IP 8.247.219.122:0
File type Unicode text, UTF-8 text, with very long lines (43176), with NEL line terminators
Hash 894b8143139c9e94297417c9c1b7d10a
585fcc45d9ec7ecff96737ee52b0838846742a2f
852861604ba52b4b53805aed63936e1224d7ee71493054f32130c2225bcd40e8
GET /_nuxt/desktop/default/vendors/betting.media-ff1f901e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 17545
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-4489"
expires: Sun, 05 Feb 2023 07:48:55 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47173
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/398badd9.css
8.247.219.122200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/398badd9.css
IP 8.247.219.122:0
File type ASCII text, with very long lines (5498), with no line terminators
Hash e21992f58d329c265b326d0ba8d59440
6210d114e7169c92cabb3589b6abba9e83078c33
91b5ccc3fc5186c54091da99b0fcadc43b92179c198b7a0b58dabc9a3880fd88
GET /_nuxt/desktop/default/css/398badd9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: text/css
content-length: 1238
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-4d6"
expires: Sun, 05 Feb 2023 12:28:35 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 30401
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st
178.253.15.12200 OK 4.7 kB URL HTTP/2 1xlite-277345.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st
IP 178.253.15.12:0
Hash 36ddb4e6a2b02764ee27083394482738
a3ba434ba32b465a44a6927e740db71445d5e6ce
358844d3d25883163783019ad767b0f8c7cd2b44523b2f2f7486ee453edfc283
GET /web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=156, dt_285;dur=159
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js
8.247.219.122200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js
IP 8.247.219.122:0
File type Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Hash 58030eabeba7ffaee3f3e3e07e0673e1
93572e0749eb8ff680d62d8dbaf0774bf3bc0963
dc004167b880991d21235113ca8e8d84f10a72b795dd543778d9e15044509bdb
GET /_nuxt/desktop/default/ioc.dependencies.32-6ba39157.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 1079
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-437"
expires: Sun, 05 Feb 2023 07:48:46 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47180
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/domain-api/api/v1/domains/1xlite-277345.top
178.253.15.12200 OK 84 B URL HTTP/2 1xlite-277345.top/domain-api/api/v1/domains/1xlite-277345.top
IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d04a6797f03d7f5bd2988b15ab7ebb24
18bd0fe1fe44e78db59d4f853969762a61065704
53b2acde0c844bb480636038b55685ab9848987ec6bf719a0eacb5eff43a6849
GET /domain-api/api/v1/domains/1xlite-277345.top HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en
178.253.15.12200 OK 50 B URL HTTP/2 1xlite-277345.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en
IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57
GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&language=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=41.679576999999995; desc="req_t", renderTime; dur=41.687483; desc="rend_t", total; dur=43.18261; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en
178.253.15.12200 OK 354 B URL HTTP/2 1xlite-277345.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en
IP 178.253.15.12:0
File type JSON data\012- , ASCII text, with very long lines (354), with no line terminators
Hash 9ea782b2310e47d7c5ec74a238dcfe6b
a848ad8c2a0283795b21ecba1a427563e3151c79
8149dbe96db355358adb2f062dfa6481347d1c11ad4b7f87256cd080c2b77ee0
GET /web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-277345.top%2Fen%2Fbonus%2Frules%2F1st&geo=137&language=en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=142, dt_285;dur=144
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/internal/v1/proof_of_age
178.253.15.12204 No Content 0 B URL HTTP/2 1xlite-277345.top/web-api/api/internal/v1/proof_of_age
IP 178.253.15.12:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
cache-control: no-cache, private
server-timing: p;dur=28, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981
64.233.161.154200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981
IP 64.233.161.154:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=516282023.1675544139&jid=402659514&gjid=613280133&_gid=423352991.1675544139&_u=aCDAAUACQAAAACAAI~&z=1699100981 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://1xlite-277345.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 04 Feb 2023 20:55:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-277345.top/web-api/api/v3/bonuses/1st
178.253.15.12200 OK 235 kB URL HTTP/2 1xlite-277345.top/web-api/api/v3/bonuses/1st
IP 178.253.15.12:0
Size 235 kB (235315 bytes)
Hash 45d23e8dcebe78a7ca7846a93fcbc006
e36ed74d1e48d2de789d939d650e05d5f7f81e02
5ee55f3823a422ae0083b60067804e6c19817d43849afae6eb8da64432817d4e
POST /web-api/api/v3/bonuses/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=390, dt_285;dur=393
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg
8.247.219.122200 OK 41 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg
IP 8.247.219.122:0
File type JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Hash f35054e3f051511591cb7f782e78ac0f
33a2d9ff3ef9991875677550fba73da300d5eece
61eaa425416e23c9f9003fb68c34fd7f13fe15b5eb598d79913e0f93211569eb
GET /genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 41188
cache-control: public, max-age=86400
etag: "f35054e3f051511591cb7f782e78ac0f"
expires: Sun, 05 Feb 2023 14:48:58 GMT
last-modified: Wed, 18 Jan 2023 09:41:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 21965
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg
8.247.219.122200 OK 14 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Hash b3b6e35e885c20452f70cbeb54027467
59fed2e87969e31fa45122379c8a97f33001bf36
0fa251b40dfc4acb0e7c3359bc38293df7898863185a74e90ee1761d04b3c08f
GET /genfiles/cms/1-285/desktop/bonus/rules/headless-football.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 14463
cache-control: public, max-age=120, s-maxage=600
etag: "b3b6e35e885c20452f70cbeb54027467"
expires: Sun, 05 Feb 2023 01:36:25 GMT
last-modified: Fri, 06 Nov 2020 12:52:02 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg
8.247.219.122200 OK 46 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg
IP 8.247.219.122:0
File type JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Hash bcd6f81e0f43cbcff60824bb657a8a78
f46f12f28645287c84ea4ada1b287461c54df69e
1575c46481e4e1eb7ad439a451ef4af705a1084196766db5aca4d47790fff484
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 45630
cache-control: public, max-age=120, s-maxage=600
etag: "bcd6f81e0f43cbcff60824bb657a8a78"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Mon, 13 Jun 2022 06:48:14 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg
8.247.219.122200 OK 44 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg
IP 8.247.219.122:0
File type JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Hash c37fcadea18df30563df3801edbc452e
79ad3ca2442918aa4c8c7647e4cda21081eaaef3
f5cd0b9aff7d896d296fbca52989ef5e15c3ec075d94a08fc5cda37367325858
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 43559
cache-control: public, max-age=120, s-maxage=600
etag: "c37fcadea18df30563df3801edbc452e"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Mon, 13 Jun 2022 06:50:19 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg
8.247.219.122200 OK 58 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 450x330, components 3\012- data
Hash eb575afed87a72f88c8af25e783f20f9
cbc904da7aed59d29c4dcfb07b2a2a85d15f8424
1bc241d87bee9edfd7876891a17fd198be783632fe35d81a09c5718c75dc7851
GET /genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 57690
cache-control: public, max-age=86400
etag: "eb575afed87a72f88c8af25e783f20f9"
expires: Sun, 05 Feb 2023 07:14:23 GMT
last-modified: Thu, 05 Jan 2023 12:10:32 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49240
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg
8.247.219.122200 OK 88 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x330, components 3\012- data
Hash 940def1de6f4f405864c47d769d970ed
db31187356f5619859e4238966497e870c4a0322
cc9d112403265c3f53b8ddc83d269227c503ce920cb50ae7291bae14571f9d86
GET /genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 87535
cache-control: public, max-age=86400, s-maxage=600
etag: "940def1de6f4f405864c47d769d970ed"
expires: Sat, 04 Feb 2023 10:09:50 GMT
last-modified: Tue, 13 Dec 2022 16:50:13 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49244
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg
8.247.219.122200 OK 106 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x330, components 3\012- data
Size 106 kB (106517 bytes)
Hash a52836e8cfc0c292408146194c28f19d
cc4b0f158ba4bf61952d59593f6e3689cc8b817a
8b7e24c6ab5b60d7fb58a16afe805791381b4ebcd513620049be2979282e75af
GET /genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 106517
cache-control: public, max-age=86400, s-maxage=600
etag: "a52836e8cfc0c292408146194c28f19d"
expires: Sun, 05 Feb 2023 13:59:29 GMT
last-modified: Tue, 13 Dec 2022 10:18:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 25897
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg
8.247.219.122200 OK 72 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg
IP 8.247.219.122:0
File type JPEG image data, progressive, precision 8, 315x250, components 3\012- data
Hash d0d9e7e510c66cff387f7f89f28b3702
d1cff04ce74fd8392a8667c554663a6dd5993265
998511ec7dc5864f1bb17ba362a65e615924ad5d6bf28ed819ac91a6fed42250
GET /genfiles/cms/1-285/desktop/bonus/rules/cl-2022.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 72465
cache-control: public, max-age=120, s-maxage=600
etag: "d0d9e7e510c66cff387f7f89f28b3702"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Wed, 28 Sep 2022 12:14:39 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6052
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg
8.247.219.122200 OK 19 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), default quality", baseline, precision 8, 315x250, components 3\012- data
Hash befe3c1141d3ee2cda0afb63465226e1
989afc9404bfe2a0a283900df34981e96c609aad
58aa116a19dd40096d63926763ca0ed06d2de9c34d8bdd79fe05b102a7d044f2
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 18865
cache-control: public, max-age=120, s-maxage=600
etag: "befe3c1141d3ee2cda0afb63465226e1"
expires: Sun, 05 Feb 2023 09:41:19 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg
8.247.219.122200 OK 56 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg
IP 8.247.219.122:0
File type JPEG image data, baseline, precision 8, 315x250, components 3\012- data
Hash ca1c743728dbf7fa04daf902690f42ef
4d8b6e7fe9c4a1014c104c618b235a755efb5405
503b9de544f35df7cfb5150de6a97997203a84be22c58f9c665c6a3f26878a15
GET /genfiles/cms/1-285/desktop/bonus/rules/express-fight.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 55623
cache-control: public, max-age=120, s-maxage=600
etag: "ca1c743728dbf7fa04daf902690f42ef"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 22 Jul 2022 08:36:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2275
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg
8.247.219.122200 OK 51 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 450x330, components 3\012- data
Hash a33dde3ef64955f4616fc300976847f4
be80b7122f65a3a02691eb685224e4fd953eec20
7abefbf48878bafd25689e57e32e99f0a79d20dffd8456b6711d6c5c2c3ee636
GET /genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpeg
content-length: 51055
cache-control: public, max-age=86400, s-maxage=600
etag: "a33dde3ef64955f4616fc300976847f4"
expires: Sun, 05 Feb 2023 18:12:23 GMT
last-modified: Sun, 27 Nov 2022 20:35:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 13191
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg
8.247.219.122200 OK 16 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "Compressed by jpeg-recompress", progressive, precision 8, 315x250, components 3\012- data
Hash 24024233130161188e3570ecac8a8700
5519e647f0e39205096e53ecac5ff2b05f6bc8b8
9ba195730fb953243dd2f1dd4d1896cacd95ec63e5c22c69a478cd2ac20ca19f
GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 16543
cache-control: public, max-age=86400, s-maxage=600
etag: "24024233130161188e3570ecac8a8700"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Fri, 06 Nov 2020 12:52:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/internal/v1/sessions/user
178.253.15.12200 OK 100 kB URL HTTP/2 1xlite-277345.top/web-api/api/internal/v1/sessions/user
IP 178.253.15.12:0
Hash f3214739ca5498e36db25fe2295cccd9
2bd46ab790adb9eb44bceca8a81a03a745161cac
95e8e4d90e26e9a61f4525f347da16d47fe3f55bcffc06548a05bb07b6940270
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=29, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg
8.247.219.122200 OK 38 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3\012- data
Hash ef1314aefdb0fb58143bb8174f670f50
cb6915bed58a3c1d1e841fb63bf3efd460db293e
7b0b3eb569e49668bb845b5549cedc5621d7e0ec2990ae96bd7b3f15ec9d9a44
GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 37779
cache-control: public, max-age=120, s-maxage=600
etag: "ef1314aefdb0fb58143bb8174f670f50"
expires: Sun, 05 Feb 2023 01:10:20 GMT
last-modified: Fri, 06 Nov 2020 12:51:59 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg
8.247.219.122200 OK 33 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 315x250, components 3\012- data
Hash c1abca65835fa32fb830248a2776cdae
74d6a50d876dcbde563c09d34210e0ff050bc23a
0a4420b71802b9e42962f42924d521639ff3b43a6af41decddc4cb1cd4d78a02
GET /genfiles/cms/1-285/desktop/bonus/rules/luckyday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 32713
cache-control: public, max-age=86400, s-maxage=600
etag: "c1abca65835fa32fb830248a2776cdae"
expires: Sun, 05 Feb 2023 05:44:58 GMT
last-modified: Fri, 06 Nov 2020 12:52:04 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 54605
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg
8.247.219.122200 OK 42 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg
IP 8.247.219.122:0
File type JPEG image data, baseline, precision 8, 315x250, components 3\012- data
Hash 8dbc7072a250f72b8effb9a46a43ebc6
97c73496927d4cf2678134711d122a59f5eb8282
626339465c07b3bdf2bdd2a751adc8e0312500fa0ee0399359d5799bc7ac977a
GET /genfiles/cms/1-285/desktop/bonus/rules/m-effect.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 41643
cache-control: public, max-age=86400
etag: "8dbc7072a250f72b8effb9a46a43ebc6"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Mon, 21 Mar 2022 07:35:47 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6048
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg
8.247.219.122200 OK 21 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Hash 63d08b16fcfcca6c37e3b7006288ce24
8442c1e4ebd7c10f82f9d775c7662729b4d0708d
b63b0a7f32ac02189bf3de07e31c61e8487caa765307f7c7f0ca066478a38862
GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 21128
cache-control: public, max-age=86400, s-maxage=600
etag: "63d08b16fcfcca6c37e3b7006288ce24"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.jpg
8.247.219.122200 OK 108 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.jpg
IP 8.247.219.122:0
File type PNG image data, 315 x 250, 8-bit/color RGB, non-interlaced\012- data
Size 108 kB (108359 bytes)
Hash e7b1615b0a8eed982a8050812f0998fe
815bf7953496d41dffb26bb21c06070640f68b0d
dada969a93aaed11ad6e039f97aa995601905b7b1ab9700329b86d571344fefd
GET /genfiles/cms/1-285/desktop/bonus/rules/1st.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 108359
cache-control: public, max-age=86400, s-maxage=600
etag: "e7b1615b0a8eed982a8050812f0998fe"
expires: Sun, 05 Feb 2023 11:33:22 GMT
last-modified: Mon, 21 Nov 2022 09:04:09 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 34760
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg
8.247.219.122200 OK 21 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Hash ea2a704ec8a7d6a829dd82a13ba87b39
3259161ac5d9e13b545ad236714ffadc6d9b49b1
ea996848def281287065e2dedcf41a2e243e81254ac281dae95b7197e90783d1
GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 20639
cache-control: public, max-age=120, s-maxage=600
etag: "ea2a704ec8a7d6a829dd82a13ba87b39"
expires: Sat, 04 Feb 2023 22:27:01 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg
8.247.219.122200 OK 14 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Hash 477586f04c56b78e22c45bfe2eabd60c
73578a6ff35439780cf4850250db8b73a0b782c9
ecdb942eec544352ec0d5dab63d2c9327e5301a25861b9f41eee95f84d0f2b90
GET /genfiles/cms/1-285/desktop/bonus/rules/express.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 14038
cache-control: public, max-age=120, s-maxage=600
etag: "477586f04c56b78e22c45bfe2eabd60c"
expires: Sat, 04 Feb 2023 22:27:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 80882
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg
8.247.219.122200 OK 33 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 1x1, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], progressive, precision 8, 315x250, components 3\012- data
Hash 88d9dcf14c9ec05183d4c2d1e61dfca3
132181b19d8d5292acf8ba11ac123166f24b1486
c544b5aba5eff2e720e1f06aff663f23ca92d7ec9ba2253a9357273d6b07de9c
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 33441
cache-control: public, max-age=120, s-maxage=600
etag: "88d9dcf14c9ec05183d4c2d1e61dfca3"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:07 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6051
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg
8.247.219.122200 OK 46 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Hash 8e5b63486b00b68073e1c72f617c681a
f3f00f8d297bb75ea7f267e92fef20d164e51fc1
7bde09aa185ce9dda524613aabf30b3cb90f0d3e6f3b5b52bb50e78f2ab43ede
GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 45906
cache-control: public, max-age=120, s-maxage=600
etag: "8e5b63486b00b68073e1c72f617c681a"
expires: Sun, 05 Feb 2023 01:10:20 GMT
last-modified: Thu, 22 Apr 2021 14:23:33 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 71083
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg
8.247.219.122200 OK 54 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 315x250, components 3\012- data
Hash 088127ead5ce788c82857fbdf994113b
2d45a9b1c9e2a114efcd9f6417b3e15cc898e06d
e68e0c196939c1fbf72a06f359d88abdbd5ccf597d8578043acac54e7fe8065a
GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 53490
cache-control: public, max-age=120, s-maxage=600
etag: "088127ead5ce788c82857fbdf994113b"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6048
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg
8.247.219.122200 OK 14 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 372x250, components 3\012- data
Hash abf2f939cf8a052578e2c871ec56b80d
3b5a4280fb67e9cfcd00577b553cc1f060d54d33
b3e9a20be4bb35ded9f748f1ed0b933fc2a586a837809635f0371f9dbe5bbe0f
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-store.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 13852
cache-control: public, max-age=120, s-maxage=600
etag: "abf2f939cf8a052578e2c871ec56b80d"
expires: Sun, 05 Feb 2023 07:14:23 GMT
last-modified: Fri, 06 Nov 2020 12:52:07 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 49240
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg
8.247.219.122200 OK 22 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Hash 0174c681bd35c45c7b4ff5eea28d8966
c793c1ddff57f96d5d1bad2580cecc8000463175
496c143ddf94f5dc2fe61e00ee6deabdb65daac291ee2e924a16727861331e75
GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 21622
cache-control: public, max-age=120, s-maxage=600
etag: "0174c681bd35c45c7b4ff5eea28d8966"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:52:04 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg
8.247.219.122200 OK 62 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3\012- data
Hash 5aaddf2c56dd3132a3eb40fd514309c6
74dc6650e0bc516bbefbe1da71fb5e0243e69191
5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2
GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 61571
cache-control: public, max-age=86400
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
expires: Sat, 04 Feb 2023 14:50:58 GMT
last-modified: Tue, 11 Oct 2022 11:39:10 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg
8.247.219.122200 OK 23 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Hash d389504085d6a0adf21e9da34a039152
29c5ca6ff17b51674817f1380995a43f50404d93
e84e040ad8dc1b4f495332e0c676820afe5f12783f735600cf9652f6f335ddc2
GET /genfiles/cms/1-285/desktop/bonus/rules/race.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 22927
cache-control: public, max-age=120, s-maxage=600
etag: "d389504085d6a0adf21e9da34a039152"
expires: Sun, 05 Feb 2023 10:57:53 GMT
last-modified: Fri, 06 Nov 2020 12:52:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 44215
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg
8.247.219.122200 OK 24 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Hash e7b54e87165cfc51f85befa2faf2c829
e7c152a65907a954ea21eeed7f94081515065c99
8ecf114ce5b12e0ccf7c14c3298f55fade216edffc2860b16b740debb386ff8f
GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 23561
cache-control: public, max-age=120, s-maxage=600
etag: "e7b54e87165cfc51f85befa2faf2c829"
expires: Sun, 05 Feb 2023 19:27:37 GMT
last-modified: Fri, 06 Nov 2020 12:51:59 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 5526
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg
8.247.219.122200 OK 20 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg
IP 8.247.219.122:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 375x250, components 3\012- data
Hash d709371d6c6176589b49887db4554821
38b7d89016194d1ea23af1f3557b3e267f7cbaff
2123869212d427b5b99aff27f6d15d86816458a36bf4ab69f92f3ab8611a9f1d
GET /genfiles/cms/1-285/desktop/bonus/rules/black-friday.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 20079
cache-control: public, max-age=120, s-maxage=600
etag: "d709371d6c6176589b49887db4554821"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 6043
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg
8.247.219.122200 OK 25 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 372x250, components 3\012- data
Hash 514d57da3a89384a44d5d49015190802
9fb78de88c22d34a04352efc4ff66b1bd82ade5f
7c0fce982143d3a68f61f4731fb4d7a851da66541812c3cf3648c1fe68e8e034
GET /genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 25383
cache-control: public, max-age=86400, s-maxage=600
etag: "514d57da3a89384a44d5d49015190802"
expires: Sun, 05 Feb 2023 20:33:59 GMT
last-modified: Fri, 06 Nov 2020 12:52:03 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2269
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg
8.247.219.122200 OK 25 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 372x250, components 3\012- data
Hash 7812b658d4412329fa085af889d60d7d
c0dea8b214f312c0bbc5bc36682888d9eb68542d
277485c051f686dea763df29f202a40f749970a24fca9330af577bc51c852ee1
GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/jpg
content-length: 25011
cache-control: public, max-age=86400, s-maxage=600
etag: "7812b658d4412329fa085af889d60d7d"
expires: Sun, 05 Feb 2023 20:10:01 GMT
last-modified: Fri, 06 Nov 2020 12:51:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2702
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp
8.247.219.122200 OK 18 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 945x370, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a4b243f76ff572881d54d6d590fb7cdf
dd97d6d98143012e8adecef2a7fad511f7b6c453
ea844aab8b34dab774ad139535dbdd01f9c3886736e241d34bc2088409ab1f10
GET /genfiles/cms/1-285/desktop/bonus/rules/1st-slider.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 18056
cache-control: public, max-age=120, s-maxage=600
etag: "a4b243f76ff572881d54d6d590fb7cdf"
expires: Sun, 05 Feb 2023 06:47:36 GMT
last-modified: Mon, 21 Nov 2022 08:28:42 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 50896
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp
8.247.219.122200 OK 26 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 1ae08e62e5d5b200f52c3d47215b5aab
b2cb0298a8a2688321451ace30bb61f7bf2462a1
50238bf838f1875b1bb577c3d63731473dd5a7538a2c3fd6396b1d3c451defa1
GET /genfiles/cms/1-285/desktop/bonus/rules/grand-slam-tournaments.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 25534
cache-control: public, max-age=86400
etag: "1ae08e62e5d5b200f52c3d47215b5aab"
expires: Sun, 05 Feb 2023 10:26:19 GMT
last-modified: Wed, 18 Jan 2023 09:41:47 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 38293
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp
8.247.219.122200 OK 9.4 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b27dc79f7bf8870d48b33c841317f571
517e21d93197119ce213880225098089b4925e2b
2db9baab69f187b764620458ae44c93c415be29d7881a625e94d4101e364b86f
GET /genfiles/cms/1-285/desktop/bonus/rules/cl-2022.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9430
cache-control: public, max-age=120, s-maxage=600
etag: "b27dc79f7bf8870d48b33c841317f571"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Wed, 28 Sep 2022 12:14:39 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56816
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp
8.247.219.122200 OK 16 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f4942ea6b7a4ec9118e23f7986f59a6e
16b2fabacb446f9805bb950811447b1f44671f7e
5a0269e97647cb71839cfa8ccd4ae48fa8c4b4a15065770ea6a19d6b28c11b92
GET /genfiles/cms/1-285/desktop/bonus/rules/house-of-the-barca.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 16102
cache-control: public, max-age=86400, s-maxage=600
etag: "f4942ea6b7a4ec9118e23f7986f59a6e"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 10 Nov 2022 17:04:17 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56816
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp
8.247.219.122200 OK 12 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d71a689b6b71166227b22d241422099b
f3988f85a1a59126a3610213683395b3fa72d770
fa3cffd6ba8b0d51ec04c46ba8a2de96a82d9932ad697d87d7525c4b17107514
GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 12500
cache-control: public, max-age=120, s-maxage=600
etag: "d71a689b6b71166227b22d241422099b"
expires: Sun, 05 Feb 2023 12:37:05 GMT
last-modified: Thu, 28 Jan 2021 08:28:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 29878
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp
8.247.219.122200 OK 19 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c085b2722d5f4393ec9f415976e7e0d3
31ea126b3ab5a0b4f7da6a9ab294e25b26e91b94
24ebd2fb88924fcbc69092ae958bb942c885295ab784efedfaa38f0301549601
GET /genfiles/cms/1-285/desktop/bonus/rules/express-fight.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 19086
cache-control: public, max-age=120, s-maxage=600
etag: "c085b2722d5f4393ec9f415976e7e0d3"
expires: Sun, 05 Feb 2023 05:22:11 GMT
last-modified: Fri, 22 Jul 2022 08:37:10 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp
8.247.219.122200 OK 15 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7c6c9a9adf5474f6c4af47317b6c1bee
4e9ba53c2d93f35aefc59360d69c658cc793cf72
bbfb151c074780451a8520972ed8d803c6ef74e9d69ca30802b15d93ff0097d7
GET /genfiles/cms/1-285/desktop/bonus/rules/headless-football.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 15242
cache-control: public, max-age=86400, s-maxage=600
etag: "7c6c9a9adf5474f6c4af47317b6c1bee"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Thu, 28 Jan 2021 05:59:57 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp
8.247.219.122200 OK 8.2 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 52cda241850f856a3a45718b7d13db38
00ab3b0c95c4e36fce09061d3adbbffd80ec6974
983a6538f7c4f0c98cf07ac049184d21af1d7f69dd478d64c6320517945f61b6
GET /genfiles/cms/1-285/desktop/bonus/rules/m-effect.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8196
cache-control: public, max-age=120, s-maxage=600
etag: "52cda241850f856a3a45718b7d13db38"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 21 Mar 2022 07:47:28 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56815
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp
8.247.219.122200 OK 9.5 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e74e38a96e2b86b49bce5a4ecdb2e456
8ed3fce32fa8d91d39bd0bb642e3c45516d8a9eb
f7ca5371dc68183854f2893aa3d99bba1e080f3b2d6146a99e7561f9b79dbe87
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-first-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9528
cache-control: public, max-age=86400, s-maxage=600
etag: "e74e38a96e2b86b49bce5a4ecdb2e456"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Mon, 13 Jun 2022 06:48:14 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp
8.247.219.122200 OK 10 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a55f6bc5288f59157c1f4b0d99200c4f
64b37d821bf692cea5cde5734b3230cecd2b1ae0
0f29e044bfb569e9205e03de27030a08d6b32de2da815a72b059dca1cfea8707
GET /genfiles/cms/1-285/desktop/bonus/rules/slot-ten-deposit.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10366
cache-control: public, max-age=86400, s-maxage=600
etag: "a55f6bc5288f59157c1f4b0d99200c4f"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 13 Jun 2022 06:50:19 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56815
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp
8.247.219.122200 OK 19 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1be723dba047b9d161bac210aa45b590
32e69231fac15b8904f652692494b0bbac202c0d
6bd39257b2dc1b6e76501519d75a7f33f252f9b77799ecb6bff6269d0cddab02
GET /genfiles/cms/1-285/desktop/bonus/rules/winter-wanderings-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 18994
cache-control: public, max-age=86400
etag: "1be723dba047b9d161bac210aa45b590"
expires: Sun, 05 Feb 2023 15:49:01 GMT
last-modified: Thu, 05 Jan 2023 12:10:33 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 18363
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp
8.247.219.122200 OK 21 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b22461fd82cd545cd1d76913961de482
080b3d4a78f7eddd5dbe5eafad3b4f4424af0baf
39b112fb3ed31d0a9a08e1a59e1f4afa4605f6ced44d3c4df8501e0c1800ebfd
GET /genfiles/cms/1-285/desktop/bonus/rules/big-bang-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 20702
cache-control: public, max-age=120, s-maxage=600
etag: "b22461fd82cd545cd1d76913961de482"
expires: Sun, 05 Feb 2023 05:36:57 GMT
last-modified: Sun, 27 Nov 2022 20:35:39 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55086
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp
8.247.219.122200 OK 25 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 440d5676d2bd5017126f563950d4b379
89b2843732f9da71a87a56711d4491df45e33743
d3141663d960c6571f5fa2a3c68e458df9b5677d15cf82fbb9f36d970217f971
GET /genfiles/cms/1-285/desktop/bonus/rules/drops-and-wins-2022-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 25380
cache-control: public, max-age=86400, s-maxage=600
etag: "440d5676d2bd5017126f563950d4b379"
expires: Sun, 05 Feb 2023 05:36:57 GMT
last-modified: Tue, 13 Dec 2022 16:50:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55086
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp
8.247.219.122200 OK 20 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 450x330, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 35a75c611ab854c34594028a87351a9a
1386d62e025208d9e1075ca84d357c00c451a63f
34af1d05438037b6084b186507af44ca9bb89a13ae9fe4b0349a97ce061fb5ae
GET /genfiles/cms/1-285/desktop/bonus/rules/live-drops-and-wins-2022-tournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: image/webp
content-length: 19800
cache-control: public, max-age=120, s-maxage=600
etag: "35a75c611ab854c34594028a87351a9a"
expires: Sat, 04 Feb 2023 23:51:34 GMT
last-modified: Tue, 13 Dec 2022 10:18:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 76127
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp
8.247.219.122200 OK 12 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash daeaf08697dfed851eb599384d148280
ea4673d4419b3957216e726a94df8e1c4f736120
a3fbdd7917afd1a842718ec3e7523e65a00f56f00a5efe278d1cf1ba5d9e0171
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-no-risk-bet.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 11552
cache-control: public, max-age=120, s-maxage=600
etag: "daeaf08697dfed851eb599384d148280"
expires: Sun, 05 Feb 2023 05:22:12 GMT
last-modified: Thu, 28 Jan 2021 08:28:20 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56515
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp
8.247.219.122200 OK 7.6 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d11c77ea0b5452913b78f4119b5dc2a6
51bd74151949ed7bfc8b75c6ff5f06695bdd3501
54b074dd43034216f6d809fd57a81c5ed43a4cee62da841ac1041cc05394cd45
GET /genfiles/cms/1-285/desktop/bonus/rules/top-bins.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7550
cache-control: public, max-age=86400
etag: "d11c77ea0b5452913b78f4119b5dc2a6"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:57 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp
8.247.219.122200 OK 13 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1db91e344f38c17a8c7419ab8ddd9e05
47f3dbbc7bbef1e9aab245639b081159b1405265
a9518efd061fe5d33840220aad72d37f3145769c48cc638d61cd0757120e4e83
GET /genfiles/cms/1-285/desktop/bonus/rules/promo-force-buy-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 13366
cache-control: public, max-age=120, s-maxage=600
etag: "1db91e344f38c17a8c7419ab8ddd9e05"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 01 Feb 2021 07:46:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp
8.247.219.122200 OK 13 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/percentage.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 2b8d7f30a15238b0631bdbf2afab5357
5706c1b3bd01c988932c62a995d79a639fbe1c7c
a914d629f844eb0f63f5a37090a6f6962274b82de0034afdb8be72d3ef8dbf61
GET /genfiles/cms/1-285/desktop/bonus/rules/percentage.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 13388
cache-control: public, max-age=86400, s-maxage=600
etag: "2b8d7f30a15238b0631bdbf2afab5357"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:18 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp
8.247.219.122200 OK 12 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4150e2dc51d3a01142fa6af8c628abe0
df31ac0ab74aaef80021305871d87ed8d348bd4d
21f4124e6eb2e7c08d4276774f61c2cfb615f43987a199b86a6ba2ad98960012
GET /genfiles/cms/1-285/desktop/bonus/rules/dailytournament.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 11720
cache-control: public, max-age=86400, s-maxage=600
etag: "4150e2dc51d3a01142fa6af8c628abe0"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp
8.247.219.122200 OK 9.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cf73cf5ee3883706242debc9d5f1c52e
e071e466fff51b6bff7edf48405c959865bdbe28
53e6a25ee8451c110b3f96164a7917bb8e6f4dfdcf84ec373eebd5b4dc56d88c
GET /genfiles/cms/1-285/desktop/bonus/rules/tv-bet-jackpot.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 9094
cache-control: public, max-age=120, s-maxage=600
etag: "cf73cf5ee3883706242debc9d5f1c52e"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 21 Jul 2022 06:10:55 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp
8.247.219.122200 OK 20 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/beatus.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c5afa6355f19096a19923a487d4fdf26
3f7037b18f68106e632e22acdfa5494c7a8cdb55
92665dec153ab94c0fed1d76d80a2feaf91f9b01a473648d87cd150a6631ef99
GET /genfiles/cms/1-285/desktop/bonus/rules/beatus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 19720
cache-control: public, max-age=120, s-maxage=600
etag: "c5afa6355f19096a19923a487d4fdf26"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:51 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp
8.247.219.122200 OK 8.8 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 93bf4b295b8f915d635a7eee111796f5
e38064f3a1f2da3bab4a94b591a26e8ddac42ff5
d630ddc2f99ff9bc2d2bbb207a0fa7aad4ffbdc4340d618ce025fc24e2466023
GET /genfiles/cms/1-285/desktop/bonus/rules/luckyday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8800
cache-control: public, max-age=120, s-maxage=600
etag: "93bf4b295b8f915d635a7eee111796f5"
expires: Sun, 05 Feb 2023 05:22:12 GMT
last-modified: Thu, 28 Jan 2021 06:00:35 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56814
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp
8.247.219.122200 OK 11 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/1st.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a9a36fedcff872396a9f3c7f790713a3
b401c66a5f8b5ab3422964dc1df540bdee8897c8
af610352cfbaf762bac809c78a4cd3c768e412c9bf3a3e2a8f795cded58dc474
GET /genfiles/cms/1-285/desktop/bonus/rules/1st.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10554
cache-control: public, max-age=86400, s-maxage=600
etag: "a9a36fedcff872396a9f3c7f790713a3"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Mon, 21 Nov 2022 08:30:50 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp
8.247.219.122200 OK 27 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 375x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 38b7f70e41882a799ace2f3c818d36c0
c2ab674ec024937c957f2f716e7e0844ae52861c
8d026959d781637e6b7fa2fcaed09ff8e91b8454b485096c8d3f083b0f2b7d38
GET /genfiles/cms/1-285/desktop/bonus/rules/black-friday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 27234
cache-control: public, max-age=120, s-maxage=600
etag: "38b7f70e41882a799ace2f3c818d36c0"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56813
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp
8.247.219.122200 OK 24 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 09323130f34df1a82f4b2fbe5728296f
635ea77ca643c7e92d9407bf8dff6016f7e2e2c8
c0244cf31766824e9b248cb499f6ec4c5be5b95de5bccffe7654e17a2a4001cf
GET /genfiles/cms/1-285/desktop/bonus/rules/multiply2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 23474
cache-control: public, max-age=120, s-maxage=600
etag: "09323130f34df1a82f4b2fbe5728296f"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:42 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56812
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp
8.247.219.122200 OK 14 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/express.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ea131523f0dbb86a73e247f98c86ed82
d538e4893a52f1040639371f9e38f25e85cd195f
34e829b145622e4f7e44c1c33132f8d3bc56193689b475076ba1952559bc3f20
GET /genfiles/cms/1-285/desktop/bonus/rules/express.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 14392
cache-control: public, max-age=120, s-maxage=600
etag: "ea131523f0dbb86a73e247f98c86ed82"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:59:46 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56812
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp
8.247.219.122200 OK 10 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/birthday.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c9e8e718698c0f70d56eff746ab89734
b31c32f767e2c80571df6ae0ba737847eca1ef97
bd7a052b317db19cd25c186b39db56c04cabb209b039644f51cc4874270a4b4b
GET /genfiles/cms/1-285/desktop/bonus/rules/birthday.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 10068
cache-control: public, max-age=120, s-maxage=600
etag: "c9e8e718698c0f70d56eff746ab89734"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:56:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp
8.247.219.122200 OK 26 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 3529a9950536352cadc5022231d76608
2883dfd254a6b2ac531e7749bd0986dd4c26b077
f9b9979b91624cafcb1f44cdf9b1a3926417ca700046a19466a94335ff8090cf
GET /genfiles/cms/1-285/desktop/bonus/rules/formula-one-game.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 26188
cache-control: public, max-age=120, s-maxage=600
etag: "3529a9950536352cadc5022231d76608"
expires: Sat, 04 Feb 2023 20:57:03 GMT
last-modified: Thu, 22 Apr 2021 14:23:33 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 55409
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp
8.247.219.122200 OK 5.6 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash a7827f5cae9db8756a23863a4a0af5a2
0d497835a173b7bce3b9e40fa8528f1d98cfbb37
cee7f08a00be265513188debfe6ff87fe90d51800b6db9d737beb8dbc8c7d24f
GET /genfiles/cms/1-285/desktop/bonus/rules/bets-by-telegram.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 5648
cache-control: public, max-age=120, s-maxage=600
etag: "a7827f5cae9db8756a23863a4a0af5a2"
expires: Sun, 05 Feb 2023 12:26:35 GMT
last-modified: Thu, 28 Jan 2021 05:56:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 30520
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
178.253.15.12200 OK 12 kB URL HTTP/2 1xlite-277345.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP 178.253.15.12:0
Hash d5d860daea2a9f84ae1161fb124ede26
57a377d890f6fd8bf56f2bdcf140c26670c7fe5b
b1ac1718959133c4d4f1f035a98d27564ed1ed1cb324a4e0d2a2d5ee326077c1
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=89, dt_285;dur=91
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp
8.247.219.122200 OK 8.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/doverie.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash cec1abd6fa116d6d6113a76b239c8a81
8d36bb1ce8005f056d872e3d9a742d3e02d06a1d
b647f617d8fc08098c54645532d40ca40a067c878bf6229dcd16579ac86b9f12
GET /genfiles/cms/1-285/desktop/bonus/rules/doverie.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8130
cache-control: public, max-age=86400, s-maxage=600
etag: "cec1abd6fa116d6d6113a76b239c8a81"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 05:57:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp
8.247.219.122200 OK 8.7 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/loss20.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e252f07758113d880371090ec6efa541
79e62e9eac0e64d0bf74ce7df73b8357704200d7
34eef57ccb0440558471d63c20c94dc49bc4d0572259c4d50c9a3413b433ff67
GET /genfiles/cms/1-285/desktop/bonus/rules/loss20.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 8700
cache-control: public, max-age=120, s-maxage=600
etag: "e252f07758113d880371090ec6efa541"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:32 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp
8.247.219.122200 OK 7.9 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/race.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c800b5cedfef8fc10c5700df8dbed4ad
574487c9147fc54dcf9403557298089530b70f04
c4c79cb2476e2d87a7a02b07f1d694752d015b8f8bf68928bfde3b10c16e1a8f
GET /genfiles/cms/1-285/desktop/bonus/rules/race.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7914
cache-control: public, max-age=120, s-maxage=600
etag: "c800b5cedfef8fc10c5700df8dbed4ad"
expires: Sun, 05 Feb 2023 07:51:57 GMT
last-modified: Thu, 28 Jan 2021 08:28:21 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 47711
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp
8.247.219.122200 OK 7.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash dc314f88e6596ca91d19a3b6027e1360
a70a751ba925d3b090d70091e4a26afbd0650ba0
416b4ee74667eb9bf69ca8c78d66361b6058ae06c62c82d43d6c2e65811e80fd
GET /genfiles/cms/1-285/desktop/bonus/rules/insurance-bets.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 7110
cache-control: public, max-age=86400, s-maxage=600
etag: "dc314f88e6596ca91d19a3b6027e1360"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 06:00:29 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56811
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp
8.247.219.122200 OK 27 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 372x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 688be311173fb9c91088f45d81be2e78
62103ee52b02444cb76ca3f5a47acbd84e1ba189
942f092954a412236c206359f47bb2e3ceba5954b54f2c00c988940c0d9bd801
GET /genfiles/cms/1-285/desktop/bonus/rules/toto-free.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 27398
cache-control: public, max-age=120, s-maxage=600
etag: "688be311173fb9c91088f45d81be2e78"
expires: Sun, 05 Feb 2023 05:08:33 GMT
last-modified: Thu, 28 Jan 2021 08:28:57 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56810
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp
8.247.219.122200 OK 62 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp
IP 8.247.219.122:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], progressive, precision 8, 315x250, components 3\012- data
Hash 5aaddf2c56dd3132a3eb40fd514309c6
74dc6650e0bc516bbefbe1da71fb5e0243e69191
5989764a0ab5e33ea4d229993ff2842fc8d9fe15e6a7ab42de32fc326e28b1c2
GET /genfiles/cms/1-285/desktop/bonus/rules/hyper-bonus.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/octet-stream
content-length: 61571
cache-control: public, max-age=120, s-maxage=600
etag: "5aaddf2c56dd3132a3eb40fd514309c6"
expires: Sun, 05 Feb 2023 05:13:05 GMT
last-modified: Wed, 12 Oct 2022 09:29:43 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56518
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp
8.247.219.122404 Not Found 118 B URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp
IP 8.247.219.122:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash b58d632409efb03916cfef3229576c55
c2fb66483c899f427b0354d52b080ce8bb6b47c4
b0b0fadb436530e81236a3d97058fc501d732eb24768845c5e97ac8ac3c32176
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback-1-137.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 404 Not Found
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: text/html; charset=utf-8
content-length: 118
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp
8.247.219.122200 OK 6.2 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp
IP 8.247.219.122:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 315x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c92bc7216404cb1bc46cad557d04a4b4
3ad6adb66ed52e54ef1d7adffaec4bf03f51d6df
f652aafdaab581a7843ca7939067e4bacfb5c09255a6408c76644187470ca00b
GET /genfiles/cms/1-285/desktop/bonus/rules/vip-cashback.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: application/octet-stream
content-length: 6224
cache-control: public, max-age=86400
etag: "c92bc7216404cb1bc46cad557d04a4b4"
expires: Sun, 05 Feb 2023 05:08:36 GMT
last-modified: Mon, 13 Jun 2022 06:52:38 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 56789
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 366d040b8e2064d3b4cc70fb1da70c80
ae6cc090670772a3a7a203aaf2ee0a6a68d1b369
ebdcc34dc012d16953852e466b4c65e2fc838272fa1ffc50a98cd4b7fc5dbc26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 702
Cache-Control: max-age=137466
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:04 GMT
Etag: "63de3964-117"
Expires: Mon, 06 Feb 2023 11:06:10 GMT
Last-Modified: Sat, 04 Feb 2023 10:54:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 366d040b8e2064d3b4cc70fb1da70c80
ae6cc090670772a3a7a203aaf2ee0a6a68d1b369
ebdcc34dc012d16953852e466b4c65e2fc838272fa1ffc50a98cd4b7fc5dbc26
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 702
Cache-Control: max-age=137466
Content-Type: application/ocsp-response
Date: Sat, 04 Feb 2023 20:55:04 GMT
Etag: "63de3964-117"
Expires: Mon, 06 Feb 2023 11:06:10 GMT
Last-Modified: Sat, 04 Feb 2023 10:54:28 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
1xlite-277345.top/web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df
178.253.15.12200 OK 0 B URL HTTP/2 1xlite-277345.top/web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df
IP 178.253.15.12:0
POST /web-api/q/dd80e8a56240ec5427452967dcf21503fc63883df HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-277345.top/en/bonus/rules/1st
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-277345.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139; _gat_gtag_UA_178408567_1=1; is_rtl=1; fast_coupon=true; v3fr=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=31, dt_285;dur=32
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true
178.253.15.12200 OK 0 B URL HTTP/2 1xlite-277345.top/frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true
IP 178.253.15.12:0
GET /frontend-api/seo/seoList?lng=en&gr=285&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: *
etag: W/"13c2-IxI/MvfOjnZceInPs01vdyNzRj4"
server-timing: total; dur=0.897426; desc="Total Response Time"
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
suphelper.com/widget/injector.js
104.16.43.72200 OK 0 B URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:04 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d49403fd-098b-41ec-b2fa-70a24447f25c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Tue, 03 Jan 2023 09:24:23 GMT
etag: W/"28e6c-18576f23558"
vary: Accept-Encoding
cf-cache-status: HIT
age: 294
server: cloudflare
cf-ray: 79464e1d0f1c98f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1xlite-277345.top/bonus/rules/1st
178.253.15.12302 Found 0 B URL HTTP/2 1xlite-277345.top/bonus/rules/1st
IP 178.253.15.12:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
location: /en/bonus/rules/1st
reason-v3: empty_lang
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=149
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 07 Feb 2023 20:54:58 GMT
auid=sv0PDGPexiK8Lk3zA5bzAg==; path=/; secure; httponly; samesite=lax
X-Firefox-Spdy: h2
1xlite-277345.top/translation-api/by-lang/en
178.253.15.12200 OK 0 B URL HTTP/2 1xlite-277345.top/translation-api/by-lang/en
IP 178.253.15.12:0
GET /translation-api/by-lang/en HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:01 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
etag: "bffc98347ee35b3ead06728d6f073c68"
server-timing: p;dur=27
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js
8.247.219.122200 OK 0 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-5cd67df7.modern.js
IP 8.247.219.122:0
GET /_nuxt/desktop/default/app-5cd67df7.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-277345.top
Connection: keep-alive
Referer: https://1xlite-277345.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 04 Feb 2023 20:55:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 186313
cache-control: max-age=86400
content-encoding: gzip
etag: "63dd2f1a-2d7c9"
expires: Sun, 05 Feb 2023 07:48:19 GMT
last-modified: Fri, 03 Feb 2023 15:58:18 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 47204
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-277345.top/web-api/api/v3/bonuses/first-deposit
178.253.15.12200 OK 0 B URL HTTP/2 1xlite-277345.top/web-api/api/v3/bonuses/first-deposit
IP 178.253.15.12:0
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-277345.top/en/bonus/rules/1st
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==; lng=en; SESSION=8a81da53a6bf5842112a6f4a7b9eda8b; tzo=0; window_width=1280; che_g=d11b141b-8844-64a4-0644-67c912ee4c37; _ga_7JGWL9SV66=GS1.1.1675544139.1.1.1675544139.0.0.0; _ga=GA1.2.516282023.1675544139; _gid=GA1.2.423352991.1675544139
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:55:02 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=100
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-277345.top/en/bonus/rules/1st
178.253.15.12200 OK 0 B URL HTTP/2 1xlite-277345.top/en/bonus/rules/1st
IP 178.253.15.12:0
GET /en/bonus/rules/1st HTTP/1.1
Host: 1xlite-277345.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PDGPexiK8Lk3zA5bzAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 20:54:58 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
server-timing: total;dur=1;desc="Nuxt Server Time", dt_285;dur=2
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2