1x-xredbet088981.top/registration/
178.253.47.27301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet088981.top/registration/
IP 178.253.47.27:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/ HTTP/1.1
Host: 1x-xredbet088981.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 25 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet088981.top/registration/
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19159
Expires: Sat, 25 Mar 2023 21:13:07 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14308
Expires: Sat, 25 Mar 2023 19:52:16 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 15:15:27 GMT
content-type: application/json
age: 2301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8696
Expires: Sat, 25 Mar 2023 18:18:44 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: T/olDQIWm7U0leb9L99yqLEER3+IWBXSgI4Zk0NMKDaEdsZnLqTCHeG341baACieLvoLuK1FEug=
x-amz-request-id: PE64QG07HVZ62ZHP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 14:54:57 GMT
age: 3531
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 90d3af712f8437d489370930656dcb7d
35b9499084cd99f3a4f63f6dbd684d3cccf58faa
5760acd2e3cb97440870e5f81adfebc20dadcf416deac861009d8a2f8a0ffc27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5760ACD2E3CB97440870E5F81ADFEBC20DADCF416DEAC861009D8A2F8A0FFC27"
Last-Modified: Thu, 23 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18265
Expires: Sat, 25 Mar 2023 20:58:13 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c9d0016ea008aa2761d9e6c0212823ba
5c507bc8bc09340022e0919ceee7126a85b40d40
0ced8f80e8893d17f60e2982ed0bf29ce28c5562f5241bcec77bfce39396726a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0CED8F80E8893D17F60E2982ED0BF29CE28C5562F5241BCEC77BFCE39396726A"
Last-Modified: Thu, 23 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13148
Expires: Sat, 25 Mar 2023 19:32:56 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 87240d30a67f0737530bc26979e7d69d
e5c6d183c4c72377a896a6c6870a22ba59ff110e
47fecdf69d4c7f69f2c63be831c5bc2425b983987925278e44bfa8e62830c9c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47FECDF69D4C7F69F2C63BE831C5BC2425B983987925278E44BFA8E62830C9C2"
Last-Modified: Fri, 24 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13960
Expires: Sat, 25 Mar 2023 19:46:28 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 15:17:24 GMT
age: 2184
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
push.services.mozilla.com/
34.117.65.55101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zGL0WUa+FBrA9Q2GkaPGqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: smUATj+0+bKORpfdN133if0wupg=
Date: Sat, 25 Mar 2023 15:53:48 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373a80b50b-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373bdcb529-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373c3cb4f9-OSL
v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js
8.254.252.213200 OK 2.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (8200), with no line terminators
Hash 793ef13a8463df8e528bb25ee4c915d6
b7aea3d75042d880d503eb6992a2afd1230e022b
4bac80bb49a98ac5f3aff4aa98b4d88b5f4aaa6f80907ddec25d10cf88b61aea
GET /_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2482
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-9b2"
expires: Sun, 26 Mar 2023 12:37:20 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11790
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js
8.254.252.213200 OK 2.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (7195), with no line terminators
Hash 37e5b6ca3b131f0fada5ba880d8b32f4
11f33c7a5c4fedad78576d8ad09176597ad69cb1
dc4fd82e7cb59aa37fa965e7385b31e42538fdac12f1d5e2c8e0dd2af6065546
GET /_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2618
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-a3a"
expires: Sun, 26 Mar 2023 12:37:36 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11779
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/fab5adf2.css
8.254.252.213200 OK 2.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/fab5adf2.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (16723), with no line terminators
Hash 3970a74d8b444d34ebf3e71113c5b7e5
f8966ebe093af4de4556ae32909389a74bdc001e
d2ccbde036c97c58ee7ffe55dc05b58e84d776b13643b7b03f35b6febc908cb4
GET /_nuxt/desktop/default/css/fab5adf2.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 2079
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-81f"
expires: Sun, 26 Mar 2023 10:30:56 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 19376
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js
8.254.252.213200 OK 87 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65476)
Hash 187b6a606ddb824fec7b5ba47dc05c5c
98585ea5b98c33be2945a6c47c6b647527afac93
bd18a0bf615538e8bec5f5d5b827ae52e56602e98dc9718abffab6be15b1d696
GET /_nuxt/desktop/default/commons/app-0c529b68.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 86988
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-153cc"
expires: Sun, 26 Mar 2023 12:37:23 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.213200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.213:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sun, 26 Mar 2023 03:12:37 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 45674
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js
8.254.252.213200 OK 11 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (33956), with no line terminators
Hash 91108e0d8ad3df20f4d2e84b27cdc562
0c12d9b8c33929f68cb591b50c36f446c3bf9606
1c9f796ab2e7930657b4453ff465ff6a91f9a9dabf9ab1a329d15eb17d30ba2c
GET /_nuxt/desktop/default/runtime-2a1698b0.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 11327
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2c3f"
expires: Sun, 26 Mar 2023 14:23:43 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5414
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/620a933b.css
8.254.252.213200 OK 633 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/620a933b.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 48f92b600ace73bf4157e87a3d82dad3
acd00b1e75178457e5ea5ea48f6fe4b5a6ccb965
4513e985c8686bd6bfd2f594510662b0e84aed2da4f6f4138cc0d016d586f82b
GET /_nuxt/desktop/default/css/620a933b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 633
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-279"
expires: Sun, 26 Mar 2023 09:33:13 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22859
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-9d7c449a.modern.js
8.254.252.213200 OK 191 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-9d7c449a.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 191 kB (191116 bytes)
Hash 872a9bb204f2546a6b147381a1ca4e4e
4716cd88bd3423dfad604e5452b88da7a4b33999
f182e2a9e457008639bd32c97f843d4d7dc0ff01e703cc104f3200a140ebf6c8
GET /_nuxt/desktop/default/app-9d7c449a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 191116
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2ea8c"
expires: Sun, 26 Mar 2023 14:23:38 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5412
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/cc84628d.css
8.254.252.213200 OK 10 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/cc84628d.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0763cefffeee15ff5ead14f864f471ba
25d4a58078c77db85e863c3d01661d15e2b6582c
60dd8addf8a42c4e23fb86d93c00154ee958a6f0dc6d8d5069dce6a79197c600
GET /_nuxt/desktop/default/css/cc84628d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 10372
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2884"
expires: Sun, 26 Mar 2023 10:07:18 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20793
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js
8.254.252.213200 OK 330 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (65430)
Size 330 kB (329518 bytes)
Hash eec62bb775e59c7e647e00b5ba2a09c3
5e992215a6ad24d182b1a8b9699afcfc4dc4715d
3edf3b97fc08bd07138a604eb651f7071944e8887cd7177415cb2d2ece2b68ec
GET /_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 329518
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-5072e"
expires: Sun, 26 Mar 2023 14:23:43 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5412
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373df10b4d-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373c3fb4f7-OSL
v3.traincdn.com/version.json
8.254.252.213200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.254.252.213:0
Hash 21465562045422e84190aacb1317d092
a486fc4f1b7a6d9bcec18b0d72d9178d0432c39e
8f819bcc4ad95c12a4c8cfa9d29b45002d051e5d445f4ce0067f7bf3512ea8e2
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "641c4fc1-2c"
expires: Sat, 25 Mar 2023 15:54:13 GMT
last-modified: Thu, 23 Mar 2023 13:10:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 37
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/a6487f8a.css
8.254.252.213200 OK 45 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a6487f8a.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9ec37a6b66bc0ebf63673f93dbaf2669
296c623bd24002b9f8d6fee86f581cb3c591369a
09a97dff70c05c919bf9e1f7a6f6940b14589414ea25997e97c40e0416c4fe5f
GET /_nuxt/desktop/default/css/a6487f8a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 44912
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-af70"
expires: Sun, 26 Mar 2023 14:23:39 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5411
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:53:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:53:50 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02e0767e0c72d95e30337ad42f5d15b3
79aa21ca35c9d98ea7d0713d219e9b67083bdc05
7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:52 GMT
age: 65398
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 35846
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 64597
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-412089.top/genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css
178.253.15.19200 OK 14 kB URL HTTP/2 1xlite-412089.top/genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css
IP 178.253.15.19:0
File type ASCII text, with very long lines (27759), with no line terminators
Hash 3e82ed1459d38ba2158caad6d57f12a3
147baa181b27d82da8009e6544f354f6d243749d
bb2171713fe7ed016c44287f5811adf6a3a469472f676556513d0fe78cf2bc4f
GET /genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:49 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 12:07:20 GMT
x-rgw-object-type: Normal
etag: W/"9f73cdc4d6d26a078df3692e253640d3"
content-encoding: br
expires: Sat, 25 Mar 2023 16:53:49 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 65397
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 64596
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 106029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:43 GMT
expires: Sat, 23 Mar 2024 10:26:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 106027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-412089.top/genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png
178.253.15.19200 OK 653 B URL HTTP/2 1xlite-412089.top/genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png
IP 178.253.15.19:0
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: image/png
content-length: 653
last-modified: Thu, 09 Mar 2023 12:41:36 GMT
x-rgw-object-type: Normal
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Sun, 26 Mar 2023 15:48:31 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js
178.253.15.19200 OK 22 kB URL HTTP/2 1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js
IP 178.253.15.19:0
File type ASCII text, with very long lines (65476)
Hash 773525f393dd389999a59af6de38c729
42fc6ed0f7c61cf786789c2af18ec3298aa88d43
4229cc17e4eda8a4146c69ebe6882e782d59306eaa8ab460143cbbd4218197fe
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 21746
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-54f2"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/desktop/default/css/fab5adf2.css
178.253.15.19200 OK 2.1 kB URL HTTP/2 1xlite-412089.top/_nuxt/desktop/default/css/fab5adf2.css
IP 178.253.15.19:0
File type ASCII text, with very long lines (16723), with no line terminators
Hash 3970a74d8b444d34ebf3e71113c5b7e5
f8966ebe093af4de4556ae32909389a74bdc001e
d2ccbde036c97c58ee7ffe55dc05b58e84d776b13643b7b03f35b6febc908cb4
GET /_nuxt/desktop/default/css/fab5adf2.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 2079
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-81f"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/desktop/default/css/620a933b.css
178.253.15.19200 OK 633 B URL HTTP/2 1xlite-412089.top/_nuxt/desktop/default/css/620a933b.css
IP 178.253.15.19:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 48f92b600ace73bf4157e87a3d82dad3
acd00b1e75178457e5ea5ea48f6fe4b5a6ccb965
4513e985c8686bd6bfd2f594510662b0e84aed2da4f6f4138cc0d016d586f82b
GET /_nuxt/desktop/default/css/620a933b.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 633
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-279"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js
178.253.15.19200 OK 4.6 kB URL HTTP/2 1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js
IP 178.253.15.19:0
File type ASCII text, with very long lines (12527), with no line terminators
Hash 73c3ace82d02dad6882bd14ea52da7f4
00ceef8370ee79df2b0a41b0893f9947f6de9473
7836a5b631972d6ffa53a85e3478359d3559565eadf0935382e21f9b3b7d3f9e
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 4564
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-11d4"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/external-api/config/deprecated
178.253.15.19200 OK 4.6 kB URL HTTP/2 1xlite-412089.top/web-api/external-api/config/deprecated
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with very long lines (23002), with no line terminators
Hash 1fa7924487c8aeecea49b78d538bf6fe
38f1c7a5f302c6c839505445584311251f04f245
1b100b00d639322db3212fe005cdca4c919aea75f1a0c36b7f3e0c300b113a5c
GET /web-api/external-api/config/deprecated HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=143, dt_285;dur=146
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js
178.253.15.19200 OK 7.5 kB URL HTTP/2 1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js
IP 178.253.15.19:0
File type HTML document, ASCII text, with very long lines (25593), with no line terminators
Hash a1a846c7e1aa195109bb4cc4cbb78150
a31119ea562fce87fad30a2d03b1ca91b6fc3f5f
6fa1dbd317e7de2bf40ee151e86d6d8232f40ff04d08084e230dad89e76bb4be
GET /_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 7506
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-1d52"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:51 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/common-2000204.svg
178.253.15.19200 OK 47 kB URL HTTP/2 1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/common-2000204.svg
IP 178.253.15.19:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 73ed95c0e929a50ba4057c26d16873db
b17cc932b9bca0ef70bbaebba899f702edfe18bb
bf78809e21c41e1b3d41b42cb5d8cd03fc38a717f65f45e31949d224e108e94c
GET /_nuxt/Desktop/Default/svg-sprites/common-2000204.svg HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
etag: W/"641c4eff-1db2f"
expires: Sun, 26 Mar 2023 15:48:33 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/version.json?timestamp=1679759644542
178.253.15.19200 OK 44 B URL HTTP/2 1xlite-412089.top/version.json?timestamp=1679759644542
IP 178.253.15.19:0
Hash 21465562045422e84190aacb1317d092
a486fc4f1b7a6d9bcec18b0d72d9178d0432c39e
8f819bcc4ad95c12a4c8cfa9d29b45002d051e5d445f4ce0067f7bf3512ea8e2
GET /version.json?timestamp=1679759644542 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
content-length: 44
last-modified: Thu, 23 Mar 2023 13:10:25 GMT
vary: Accept-Encoding
etag: "641c4fc1-2c"
content-encoding: gzip
expires: Sat, 25 Mar 2023 15:54:51 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168200 OK 46 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash b4f352cc2a102b9fbea8e7ec76b69b5b
8e286ae150fe9e4345e408b50d82924eff1be21c
a9020d0bf12f5865208d459577853b954398018d07d7c3cbfd506651c97c6ae8
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Mar 2023 15:53:51 GMT
expires: Sat, 25 Mar 2023 15:53:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (2511), with no line terminators
Hash bef7503c53a7aea9892bdfc1d7d48591
2ebd1a5e024368cbbd7038c7ab5bc6a8c4e09d60
ff189730d701c5729b69ba1e1a5794b132c4a1183e0cf24828fc4204b990648a
GET /_nuxt/desktop/default/DC-c1085c22.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-43c"
expires: Sun, 26 Mar 2023 12:37:25 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11788
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-412089.top/web-api/api/web/v1/config/actualDomain
178.253.15.19200 OK 19 kB URL HTTP/2 1xlite-412089.top/web-api/api/web/v1/config/actualDomain
IP 178.253.15.19:0
Hash 35d8f4f1f985be4a90a87ffc653ae879
d8f0aca3a4e9f5a05278f972759448c753934253
268737465d9ba5503a59f77454e96643e64e915bf38f449b0c26b3d93d09452f
GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js
8.254.252.213200 OK 5.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (17248)
Hash 6eedcdca31d26478d15ebd460a2eef5e
195fadc658ec0ea215445882c4b6e67aeffb4b1e
a52204667b7f83a6d1f3dfea5b06ec6f1a21de2e7da22e41bbc46c15d6eaab21
GET /_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 5207
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1457"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js
8.254.252.213200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (13491), with no line terminators
Hash b7443f1feac267269df2dc2debe5e48b
5b7a375f470356766b25213eebe71e1a74f07ad4
8803051872ed1d94872f72ea6c05fe2bb41b30228d3a6b69ea3e8a3f9c2c0581
GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 5405
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-151d"
expires: Sun, 26 Mar 2023 12:37:28 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/6642b59d.css
8.254.252.213200 OK 209 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6642b59d.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (369), with no line terminators
Hash 69bfd5fa2f9cda5127bf35a80e5c2266
fdfb4974bafb9663682a5c1a9682e7d34bbf6314
623ccbd0f043c1a34b5334ba948a8348e28292ee8a2b568d6f65ad2fb927d844
GET /_nuxt/desktop/default/css/6642b59d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 209
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-d1"
expires: Sun, 26 Mar 2023 09:32:31 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22880
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js
8.254.252.213200 OK 8.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (24831), with no line terminators
Hash 243d0f2597584bad84b3267c70da2481
1bc0f2ebac6b9776da7b09cd34a0624a4f3d0be4
3c8fcc516039424e885c249367ff9e78ff17b2f0a757cfd026541c90770be12f
GET /_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8054
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1f76"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11785
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/aa7fd5e1.css
8.254.252.213200 OK 5.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/aa7fd5e1.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (35944), with no line terminators
Hash 445c914b35a4c8625f16ea7a35010ad3
24cf0888ab161704b5cf8d05ea5e840f4104bc54
e8bb4bfd353d92b61d4d3e627c1e0624cb03dc418aa347553e1527c183a2aeab
GET /_nuxt/desktop/default/css/aa7fd5e1.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 5085
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-13dd"
expires: Sun, 26 Mar 2023 10:09:07 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20684
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js
8.254.252.213200 OK 7.0 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (26400), with no line terminators
Hash f42afe416afa408ac774d123b01acd95
ad096f43e8cbf9ae3f03273aadec9fe175420da6
41e6aab2081b3bb4ae6de76c0ecd2d37294a2fbfcb7cd2439e386e3dfbf7bd88
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 7031
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1b77"
expires: Sun, 26 Mar 2023 14:23:55 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5404
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.254.252.213200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 3e9cde2df29737e923934bd965f79e9a
cca49320b6bdae86147a6ca485a22efcaceca43f
c11ce6bca018affeed8af94378f7c19ec7c62e8eddb1a189c03f7c075a978938
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1c6"
expires: Sun, 26 Mar 2023 08:32:01 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26510
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/efb74296.css
8.254.252.213200 OK 1.3 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/efb74296.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (5671), with no line terminators
Hash 713eb75d62fc803696a93f722e4487b1
4fad87eea50f9d6fdb6bf752865ba7c6d7c433ec
fafd6239c7f0785ae825fd5fb59425d12951181b2ada953ffbf079c1e2db0481
GET /_nuxt/desktop/default/css/efb74296.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 1260
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-4ec"
expires: Sun, 26 Mar 2023 09:32:29 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22885
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js
8.254.252.213200 OK 18 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (44093), with NEL line terminators
Hash 7d44a555e6eb1f6b717e8ec5e56b6dd7
bbc51f9a2e247429eca60773dc8d4eefbdd25bbc
31eea1833c2b0b7ea8b614d210d14cd44d7a104337fd6b349f7742d5a8eb759b
GET /_nuxt/desktop/default/vendors/betting.media-38254112.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 17889
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-45e1"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11784
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js
8.254.252.213200 OK 4.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (19645), with no line terminators
Hash f373c4913798cb40f52814f1b1d4ddca
8fa1c484dbf5aae328594ee8e2c96e0f3b18d734
3e39d794b002692feeb1fb8f7b595b787bbebcf8e4fbba18f490d5b6450aa355
GET /_nuxt/desktop/default/betting.media-e1a44f37.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 4842
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-12ea"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11786
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
8.254.252.213200 OK 464 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (1665), with no line terminators
Hash a573a54f11caefb31dfb77b8c37d0bc1
f2497db66066cec72604e1e06999d56d75c0c821
ab5b915932a677e6ce7a05ca96074cd3c92bb13054410556ed6ac066fe45e437
GET /_nuxt/desktop/default/css/6ddcb708.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 464
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1d0"
expires: Sun, 26 Mar 2023 14:15:33 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5898
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js
8.254.252.213200 OK 53 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js
IP 8.254.252.213:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 9e966ab1679e3b64087fa505c56d57f0
d096ff77291810a4e214921b72582f6695ce594d
e8dff875dc534a1ad2785494243b1eec222a1569d0978ccae309a9d133e95b22
GET /_nuxt/desktop/default/registration.Main-21ae49d1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 52555
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-cd4b"
expires: Sun, 26 Mar 2023 14:27:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5296
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js
8.254.252.213200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (2452), with no line terminators
Hash 6790f30c9b060e185da80824c0d7beb7
0c6ae1a05261b935f39ec7d2239b42940c385d8e
613438af812ca9db4ed4f79987d4a127140992aa6cd4ab5b5c7a61c420aa0697
GET /_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1081
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-439"
expires: Sun, 26 Mar 2023 10:07:35 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20783
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-412089.top/session-api/sessions/user
178.253.15.19200 OK 16 B URL HTTP/2 1xlite-412089.top/session-api/sessions/user
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
server-timing: p;dur=0.76794624328613
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en
178.253.15.19200 OK 50 B URL HTTP/2 1xlite-412089.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57
GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=44.336946999999995; desc="req_t", renderTime; dur=44.356418999999995; desc="rend_t", total; dur=44.668091; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/checker/redirect/stat/run/
178.253.15.19200 OK 82 kB URL HTTP/2 1xlite-412089.top/checker/redirect/stat/run/
IP 178.253.15.19:0
Hash 1741518ca3417851926d5f8ba47ed8a9
0f2639844474475607d62e06cca1b357b7b40583
2885177bceddda9268955057274524fe2b675234bfe30dbd6ba1807a9a1505ce
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
api-supported-versions: 1.0
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/user/secure
178.253.15.19200 OK 58 B URL HTTP/2 1xlite-412089.top/web-api/user/secure
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 83b2830051ef9b576585d544c2316890
5e7c9e521539a68d3cd762538f120ea92872c26c
3c6793d162c560d6955b0b606eb9470ae803f6dd8f3538d86da4a84a7230b594
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=75
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:51 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 01-Apr-2023 15:53:51 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 28-Mar-2023 15:53:51 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1679777408; expires=Sat, 25-Mar-2023 16:53:52 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/api/converslon/load
178.253.15.19200 OK 32 kB URL HTTP/2 1xlite-412089.top/web-api/api/converslon/load
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 106139eef113e079e5860080a95a2a9c
a9ad8b853d80601ccf9dd3c33c4998f0f74d24ea
babfbd70ec63791fb2f9f86873fb6d1cf03346c4343da60e3c7377cc734a12a6
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=20
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321
178.253.15.19200 OK 145 B URL HTTP/2 1xlite-412089.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Sun, 26 Mar 2023 15:53:52 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/api/internal/v1/proof_of_age
178.253.15.19204 No Content 0 B URL HTTP/2 1xlite-412089.top/web-api/api/internal/v1/proof_of_age
IP 178.253.15.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
cache-control: no-cache, private
server-timing: p;dur=40, dt_285;dur=46
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
178.253.15.19200 OK 20 kB URL HTTP/2 1xlite-412089.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with very long lines (1490)
Hash 09a97a9d39fb6d45e64ffc32df98aeae
f33b0ccfa30a34f3adea75e19f1ca798b8bc4a4e
0dbcabdd17274e71b513c4acaf9cdf0e36d35417f84e65e8d97fd730400867fc
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=75, dt_285;dur=78
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1&z=1201764760
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1&z=1201764760
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1&z=1201764760 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js
8.254.252.213200 OK 15 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js
IP 8.254.252.213:0
File type Unicode text, UTF-8 text, with very long lines (58315), with no line terminators
Hash b58308cb6f12602d5b094479063d9fa0
e8858c280daa69477d69a4d586707f7516c1f0de
782e5bb27de8fd8e1fa08ed62dda33cd00d01ff7ffa74b0ca107182afac1c7a1
GET /_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 15098
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-3afa"
expires: Sun, 26 Mar 2023 14:23:45 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5407
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/10a981df.css
8.254.252.213200 OK 1.3 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/10a981df.css
IP 8.254.252.213:0
File type ASCII text, with very long lines (6623), with no line terminators
Hash 6a214296f4e840b21149dabc19ab61f4
1bd01a9b348b3666ebf9033de28c9689350b8c33
213938dc31603dd4ac475a3abb4cf3e643d32faa6c9cfb10a611dfb66e3d659e
GET /_nuxt/desktop/default/css/10a981df.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: text/css
content-length: 1310
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-51e"
expires: Sun, 26 Mar 2023 09:33:31 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22854
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js
8.254.252.213200 OK 7.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js
IP 8.254.252.213:0
File type ASCII text, with very long lines (35156), with no line terminators
Hash 79fa1e3a31bd6c8880126faa6fbb2239
05363ae685f45a81e39fcac8851b73740e02314c
aadbb709f20022dc3879912f31538e8785d6cd66fae742bb4a9ef5e0bbf2d173
GET /_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 7500
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1d4c"
expires: Sun, 26 Mar 2023 12:37:33 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11779
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-412089.top/seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
178.253.15.19200 OK 111 B URL HTTP/2 1xlite-412089.top/seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3915641719ed49f77cae5e8e028c0f78
2aa8add56f160ab0f0094c8cf13e977beeaac9a6
7fbea478c44d770721f7b436fec46fda0db27a193b6341559e01b66f9c873f2f
GET /seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 111
cache-control: max-age=1200, must-revalidate, public
server-timing: p;dur=117.49982833862
x-content-digest: en8f379d34ec1885f8038de17730fac219
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
178.253.15.19200 OK 188 B URL HTTP/2 1xlite-412089.top/seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
IP 178.253.15.19:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 060fc0289c8bd78573f162e148c60531
a6c1f32ebb40945d13af45129188d3fb9afe3d43
4c0cf1e5bdff7e04a71a949ccecd990b2e5883ca294ae51bb96b2d97bf49acc3
GET /seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 188
cache-control: max-age=1200, must-revalidate, public
server-timing: p;dur=128.42392921448
x-content-digest: en3b94b6467b711120a75a7e3c2b85be4e
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-412089.top
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5716bd17f0cc1d649bcba4a6400ad0fa
752def7b1cf7d2f2e8213b28cb17f93e1015d333
ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-412089.top/web-api/api/v3/bonuses/first-deposit
178.253.15.19200 OK 8.1 kB URL HTTP/2 1xlite-412089.top/web-api/api/v3/bonuses/first-deposit
IP 178.253.15.19:0
Hash 2ee655bbcda7ceec621ed763cc580b94
f5357ff3460d445ab2e4d69764cc868677debd3d
24a44ed378ce74368dc8b2336e6fe9fd6b44b81d4573590aa23f110e1e594633
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=16, dt_285;dur=17
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889
173.194.221.155200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889
IP 173.194.221.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://1xlite-412089.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1
173.194.221.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1
IP 173.194.221.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645>m=45je33m0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-412089.top
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 729 B IP 142.250.74.131:0
Hash 057651fa70382ff4273c2723388397a7
4e4a1514b701bfaf206f4e95871858c95e34ca03
f1a1b4e30b66b371aab848feb6a86d80c796a1701267f6c47cb88eb1032acf0d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/api.js?render=explicit&hl=en
142.250.74.132200 OK 557 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=en
IP 142.250.74.132:0
File type ASCII text, with very long lines (852), with no line terminators
Hash c059857f8612700102dd124518e33e93
e079fbee5e81c26f50b1652e799242959869a62d
4f5c449c5ff3300bd0f69d0077ec5786089e41d8cc3832cf6e7d28b050d1db02
GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Sat, 25 Mar 2023 15:53:54 GMT
date: Sat, 25 Mar 2023 15:53:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 44 kB IP 142.250.74.131:0
Hash 414ecf8c9a7cb514a291e7ba61a090ab
84164e5a141c411ab9525cded1449c4978bc5e87
cd3611898e4c6059c0fe186c25970bcb3c7df0c2d7e06051756e96db256fefc2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
142.250.74.35200 OK 166 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (597)
Size 166 kB (166058 bytes)
Hash 4043af37a3392a9db521ff9ab62d9608
83828688e7a2259ed2f77345851a16122383b422
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321
GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166058
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 16:20:35 GMT
expires: Tue, 19 Mar 2024 16:20:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 430399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:44 GMT
expires: Sat, 23 Mar 2024 10:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 106031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 106030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 106030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1x-xredbet088981.top/registration/
178.253.47.27307 Temporary Redirect 0 B URL HTTP/2 1x-xredbet088981.top/registration/
IP 178.253.47.27:0
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/ HTTP/1.1
Host: 1x-xredbet088981.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 25 Mar 2023 15:53:48 GMT
content-type: text/html; charset=utf-8
location: https://1xlite-412089.top/registration/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=7e1f6b20632d03427e4fb7a0173126f2; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=sv0vG2QfGQwaa3h1A0DTAg==; path=/; secure; httponly; samesite=lax
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=88
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/country-2000204.svg
178.253.15.19200 OK 0 B URL HTTP/2 1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/country-2000204.svg
IP 178.253.15.19:0
GET /_nuxt/Desktop/Default/svg-sprites/country-2000204.svg HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.2.117090981.1679759645; ggru=125; _gid=GA1.2.113048940.1679759646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
etag: W/"641c4eff-26288"
expires: Sun, 26 Mar 2023 15:48:33 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e
178.253.15.19200 OK 0 B URL HTTP/2 1xlite-412089.top/web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e
IP 178.253.15.19:0
POST /web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-412089.top/en/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-412089.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.2.117090981.1679759645; ggru=125; _gid=GA1.2.113048940.1679759646; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=34
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
172.217.21.170200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP 172.217.21.170:0
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 15:53:49 GMT
date: Sat, 25 Mar 2023 15:53:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/registration
178.253.15.19200 OK 0 B URL HTTP/2 1xlite-412089.top/web-api/registration
IP 178.253.15.19:0
POST /web-api/registration HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=78
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:52 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 01-Apr-2023 15:53:52 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 28-Mar-2023 15:53:52 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/registration/fields
178.253.15.19200 OK 0 B URL HTTP/2 1xlite-412089.top/web-api/registration/fields
IP 178.253.15.19:0
POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 19
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=87
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:52 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-412089.top/web-api/default/img/icons/pixels2.svg?v=1679759645
178.253.15.19200 OK 0 B URL HTTP/2 1xlite-412089.top/web-api/default/img/icons/pixels2.svg?v=1679759645
IP 178.253.15.19:0
GET /web-api/default/img/icons/pixels2.svg?v=1679759645 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2