Report - 1x-xredbet088981.top/registration/

Report Overview

Submitted URL
1x-xredbet088981.top/registration/
IP
178.253.47.27
ASN
#0
Submitted
2023-03-25 15:53:59
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T05:09:04Z	4.5 kB	52 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	2.7 kB	35 kB	34.120.237.76
1xlite-412089.top	unknown	2023-03-23T22:04:21Z	2023-03-29T01:06:51Z	18 kB	276 kB	178.253.15.19
1x-xredbet088981.top	unknown	2022-07-08T16:14:34Z	2023-03-28T02:45:05Z	828 B	989 B	178.253.47.27
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	238 B	34.117.65.55
region1.analytics.google.com	unknown	2022-03-17T12:26:33Z	2023-03-29T09:02:58Z	721 B	448 B	216.239.32.36
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-29T09:59:29Z	485 B	578 B	142.250.74.163
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-29T09:08:31Z	1.1 kB	1.0 kB	173.194.221.155
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-29T11:19:48Z	2.4 kB	82 kB	216.58.207.227
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T05:44:04Z	387 B	46 kB	142.250.74.168
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-29T10:13:53Z	548 B	630 B	172.217.21.170
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-29T08:59:28Z	1.7 kB	4.8 kB	104.18.32.68
v3.traincdn.com	unknown	2022-11-25T11:00:40Z	2023-03-29T03:27:04Z	13 kB	831 kB	8.254.252.213
www.google.com	7	2015-05-10T13:11:19Z	2023-03-29T05:55:56Z	390 B	1.1 kB	142.250.74.132
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-29T09:13:03Z	445 B	167 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-25 15:54:00	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-03-25 15:54:01	medium	Client IP	178.253.47.27	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (50)

	URL	Size	First Seen	Last Seen
	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js	61 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen30 Hash f86f9b33f951b4ee6d403b2c6321020f 1d9e291bf11b8f914b4a6ad2d3ad26f581dc315b 8aabd96db2315e67b78de878bbb16745b3098628ce386d66f8e13efea7cb381d Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtNDEyMDg5LnRvcDo0NDM.&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&theme=light&size=invisible&badge=inline&cb=z2zd2vmu806v	69 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtNDEyMDg5LnRvcDo0NDM.&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&theme=light&size=invisible&badge=inline&cb=z2zd2vmu806v IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-26 06:22:53 Times Seen99541 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js	8.2 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:34:48 Last Seen2023-03-29 23:04:39 Times Seen9 Hash 561399478c23520af0da37e32dfb1b5e 417b1845a6df9909b0f8217de1c2bca91ba96ee7 6f04aabca55d44cf9c0242d4bec6e3bfadac88d2ad22b90ab34ab53cb30dbbca Loading...

	1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js	26 kB	2023-03-29	2023-03-29
Pretty URL 1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js IP 178.253.15.19 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen34 Hash 620e18fc25ca283cd7aeed374d3d4c95 8d6d3949ed6709544b17c82238141fa97c7efaa0 168fd4037d2a8e1c56c23ab3841d75deafb25fbf73ba5211e3bbd0d429e4bace Loading...

	v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js	2.5 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen34 Hash 17e29110c6583a2ae55fc27db7ead1b0 22cf9c4a739332b600cdba0e83a2832f96cc0b9c 41eef82ccb6819d99f91102edd09efc3029f371f00324b9f9090df4b2bb97bea Loading...

	www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js	415 kB	2023-03-29	2023-09-29
Pretty URL www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:35:31 Last Seen2023-09-29 03:14:46 Times Seen3321 Hash 733e4a30889fa7c9947958423e21e810 16a2cced6035295476141f8ac1cd928114cafebf 7d2c1727a32a92776f9a3078abb845bbeb77e6603c40a318f12ea1e1b5a040d7 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtNDEyMDg5LnRvcDo0NDM.&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&theme=light&size=invisible&badge=inline&cb=z2zd2vmu806v	41 kB	2023-03-29	2023-03-29
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtNDEyMDg5LnRvcDo0NDM.&hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&theme=light&size=invisible&badge=inline&cb=z2zd2vmu806v IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 75436b3c8216183d3ff67c33215f1328 a44607daa62e96d961478daaa99b1e08e109f749 597258ad8f032df73f90dffd3d1994674b17319f949fa585ef5dbbff1fa5ec27 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js	1.6 MB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:19:16 Last Seen2023-03-29 23:16:15 Times Seen29 Hash 018112a76609e071e78f3d3730d854a4 db8715f8f2a29af83ae5b3a0f537d248fb370e79 a94c74e1471cc33797c8ffc988de6ca86fa819cf9e3b1b0f80eb42a7adcf1422 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:35:01 Times Seen37085458 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js	76 kB	2023-03-29	2023-03-29
Pretty URL 1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js IP 178.253.15.19 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:30 Last Seen2023-03-29 23:16:15 Times Seen34 Hash 12c3590a4335932d1aca64dc471ff8f3 64ed3ec6200615d7cd83e7a65b178cb4caa6d1bc 41f490990f3cd46a70e787c0435a4678469aab6d7325c6d5db4fbb2d2273c297 Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js	14 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen33 Hash 6d276e0e100dd38f749f9551c6446cff a754e08e0863ae5781d59ef5797e8e0fa373abc3 73fe34ba3cdcfe6b54c78131b7f81857e0978a1bda73f5d251f45e2f473d87db Loading...

	v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js	2.5 kB	2023-03-26	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 13:12:03 Last Seen2023-03-29 23:16:15 Times Seen48 Hash 137226f0612bc669a8c00d30c2f1bbad b6aed7187ec269f85e02fe6b3577034dcd4fb1d4 a3cbb75e01127471b1153016e0363e4f831ff6ccf567ba237a994ab02c096082 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js	35 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:06 Last Seen2023-03-29 23:04:39 Times Seen7 Hash 4ee387f3e0b3070bb4cd1ec2c6158780 0707ea30af022a5e9391680f27a1d9b25e2e36e6 f9170b325c10fd472323eb3d701f3efbf387990efb7233c696b4f3e4d317abd2 Loading...

	suphelper.com/widget/public/bundle.33fa17097bdc6cb1de6c.js	212 kB	2023-03-26	2023-04-12
Pretty URL suphelper.com/widget/public/bundle.33fa17097bdc6cb1de6c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:45:29 Last Seen2023-04-12 08:00:24 Times Seen178 Hash f7862a5564dd506a44ebf139f98c4d37 f9f19836ed4d68ada13e9393e57dfbd7305f835d 1e28e1adaafd2e78508fb62d57adf36c7fd68ee87f283d251623a0bac148f742 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js	20 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen33 Hash 1d3a2f46228c6c5b7d5039a3f118cbe0 4ddb020d08dcf618202e58cd40eaa95745031b7c fee56eb4d4807472af8d949731d845414d2ff15c22411759d2eaa1394d895e3b Loading...

	www.googletagmanager.com/gtag/js?id=UA-178408567-1	118 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178408567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:18:03 Last Seen2023-03-29 22:49:39 Times Seen3 Hash 23d001a821a7037b737337072df123b6 a9f9ae5ce2e9349ef348b150ea343d75492c7387 21232ac52d51500371c1fc6a9261cfcc8140a979b7407a31dd0469e715f219b2 Loading...

	v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js	199 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:06 Last Seen2023-03-29 23:04:39 Times Seen4 Hash 91316810628e3558a5b8fb9a9b7c3313 ae538fe9b4fcf30c6de3fdc7746a2fc78dc5833f ca8f7449398239017fe547cba329f3dd26d0c9382a94d038b4aad22be01fb1e2 Loading...

	suphelper.com/widget/?build=1678449095031&lang=en&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1678449095031&lang=en&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1678449095031	11 kB	2023-03-26	2023-04-12
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1678449095031 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:07:10 Last Seen2023-04-12 08:00:24 Times Seen100 Hash 15f4fde1d2a977023816e489cfd4f579 25cc276e33dc7f16d262fe5eba10b1c27b98fef7 86abeeac5f1bc8201491d537de64b89b57be91f737302e0938bd9349b11aa4ca Loading...

	suphelper.com/widget/public/chunk.9e9a4ae65db929e8a147.js	1.4 MB	2023-03-26	2023-04-12
Pretty URL suphelper.com/widget/public/chunk.9e9a4ae65db929e8a147.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:07:10 Last Seen2023-04-12 08:00:25 Times Seen174 Hash e9137736d10ebd5110fbca5ee4d46c8f 9669f33d81874c7bb175b0cc065ffa192540e422 249d3da0f68188354e014fd712debf830f72ed4370543b86478499c40b3983df Loading...

	1xlite-412089.top/en/registration	795 B	2023-03-08	2024-02-13
Pretty URL 1xlite-412089.top/en/registration IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:50 Last Seen2024-02-13 14:23:26 Times Seen2399 Hash d142026b9af7316cb97a9331199c8cf2 4ffe70e80a10f689006b1e3a518019fdc077f2b2 519b6d15761517d0ecc72fb32c0e4c6479ed232c8cd01985a3bd963a26233a9f Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js	7.2 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:06 Last Seen2023-03-29 23:04:39 Times Seen6 Hash 20e33ffc1a640f974fa57d1ba3f632a1 8e023f6d302f470138a4f073ebd4145439ed1b65 411cdc8bb40b15c561f7192474a71837c90b0bbf22d4ee09189d7566aeea1a1e Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js	25 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen30 Hash 12e876593cf810c87425195bbca27889 a686133919874243ff2400103f2e84261d407613 9a39f6727c7e5514c132bd9bfebc77cc4d7cfb8d891469b40b2915740216d02a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js	26 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen30 Hash d5303eda9bd4f29614b03e513ab80015 ff828757accb53610d80d34680e5a0ff06c8fe85 4d626838b9235c11171d0434e8aae9a417fcbee74654ddde8ba9cb66565a4ed9 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js	59 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen33 Hash c80b4104d791ef4fc5d6ed834cf40e20 234855bdbd292717359833db6cf8899bb6c48ba1 7dcd9d7b0480a942da7fd9a28ce6c55a9009804d0f3256764efc7776b67ab11a Loading...

	suphelper.com/widget/injector.js	168 kB	2023-03-26	2023-04-12
Pretty URL suphelper.com/widget/injector.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 01:45:30 Last Seen2023-04-12 08:00:24 Times Seen264 Hash 2686862d8d6fa52d12857dd34b73d32c cdba30ab7f32a1a7db011cc496e8c8e45a9f1058 bc4e59ce9575e90674f42b0307ce2037231dd7acc73f7c666b0e955285d0c735 Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t	181 B	2023-03-14	2023-04-05
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=vpEprwpCoBMgy-fvZET0Mz6L&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 00:27:52 Last Seen2023-04-05 02:02:49 Times Seen31 Hash 617977aaef8d85e901fc4a6f9ef2da0f 0a70572b45381492bb7edef0be16a834b7990f9e d4106dba2e1b67860437a68d91ba3ac32e1c605b7647db7bae981fc0536e3729 Loading...

	1xlite-412089.top/en/registration	643 B	2023-03-29	2023-03-29
Pretty URL 1xlite-412089.top/en/registration IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:05 Last Seen2023-03-29 23:04:39 Times Seen6 Hash ac9198a8b9c2c485e69d26dfc998a09d 97df6ddbd98ab54923234546898866361a268ee0 c8bb0ebb56d8057b787ad13084bbdfdac0e1fbde2b3b9b821a14ffc2f0aadc3e Loading...

	v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js	34 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen34 Hash 07aae1291e865cc2be7b3eed55e841bf d871514eef2bc48e5a8f739fc71a2bae06217360 dbadd0482de54c02bc57bd62e1725ef27bda3412b2ed30c9d08dfcd2040c3b17 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c	240 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash ec4beea678d7fa7ecd59d7e986087acc 20d4e0abaaa3e4e402270dfaba7b8f9b386f65fd 81807d39c58fc0ca7971e03af74fc988604a64378b3b626cb76683064a4d86f2 Loading...

	www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=117090981.1679759645	115 kB	2023-03-29	2023-03-29
Pretty URL www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=117090981.1679759645 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 2331bf50a8477f7fa553d5cf270ebfd5 a37c51751c9c130b481be890dd599f8d80337a74 f5347f46269447ce9e71aa09456f5839bc3f8011c001a55a83f0a847215bf6c2 Loading...

	suphelper.com/widget/?build=1678449095031&lang=en&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1678449095031&lang=en&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	www.google.com/recaptcha/api.js?render=explicit&hl=en	852 B	2023-03-29	2023-04-01
Pretty URL www.google.com/recaptcha/api.js?render=explicit&hl=en IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:40:06 Last Seen2023-04-01 11:09:26 Times Seen40 Hash 5c0b5b1374e9a5d5d871f15660749bdc cd79a3d36f9527fc5e5053207be5fc6ad296e95d 7f90addfaeeda0676dbc7f5467938de83ad081cbb2ec64b4c5a2560dff262b98 Loading...

	1xlite-412089.top/en/registration	57 kB	2023-03-29	2023-03-29
Pretty URL 1xlite-412089.top/en/registration IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 7bf0351552f867d6e2e34dfa0b32ec6b aae009d9bec14812c11257245adad9a82280e220 14fbb7846ec1763b7b5ff8d29a64c3a31678c3328ce104fbe161320b2a690f82 Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js	258 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:19:16 Last Seen2023-03-29 23:16:15 Times Seen30 Hash d213b78beb564d796cf351ff5e877aba 3e5442f6bb6140dbf27a8c55429862a37112abe1 83ccead4e65c778bd6f51fd107ce8454c2893bfce22cf90b8da8065fb21047e9 Loading...

	1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js	12 kB	2023-03-29	2023-03-29
Pretty URL 1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js IP 178.253.15.19 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen34 Hash cee10f4c78e9ba0cf07df25f5142ae56 421f78afaba3208722653b696a6121893eeaa361 9663a934649ca5cba371e8dcc23bd00ceba3c027f45263549e7df69e048b0fba Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js	17 kB	2023-03-29	2023-03-29
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js IP 8.254.252.213 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:06:31 Last Seen2023-03-29 23:16:15 Times Seen30 Hash 9891642fe521adc5a700cfa10e5411a7 cf75e69b011051003df98667fa4f222121f7cee4 26be970f6e7cfafb8da1d6ae955c7476d6286c6ab5083918b93d152fc5101d34 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 5abb5072fbb30087cf051a52079a821d	16 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 5abb5072fbb30087cf051a52079a821d 723295ef94f13f17031a9ad8b4303b6110d2f8e5 922a5f749977719d94b2cef31df164ab33f2414a052bcc87d4e6abb0fbdc0e01 Loading...

	#2 Eval - 9cded30f7bcf402987ca1fcdf6c5f3d3	16 kB	2023-03-26	2023-03-29
Pretty Observations First Seen2023-03-26 08:07:32 Last Seen2023-03-29 23:21:19 Times Seen1123 Hash 9cded30f7bcf402987ca1fcdf6c5f3d3 ff05bc7e4b0e386acd1a16802984c805c8b35d59 50b06f3d6f2b666357bd52d6c71e869d4ddb33713d8f70cce47161f24725406d Loading...

	#3 Eval - 672dd79f2aee917d139b85dff81b07ac	22 B	2023-03-26	2023-03-29
Pretty Observations First Seen2023-03-26 08:07:33 Last Seen2023-03-29 23:21:19 Times Seen1123 Hash 672dd79f2aee917d139b85dff81b07ac 0983b5c27c8dbcef2a34bb3aea5d535724169732 194de1f71672078704902b1d6b90f127b88defefba37f18a3aac0b2b507d1e6a Loading...

	#4 Eval - ac02bfffaab57fcfb6d172fb20b1a121	64 B	2023-03-26	2023-03-29
Pretty Observations First Seen2023-03-26 08:07:32 Last Seen2023-03-29 23:21:19 Times Seen1123 Hash ac02bfffaab57fcfb6d172fb20b1a121 2f1dd7383fc846e49abf52215068d02a26e72cb8 3c12ab11c3e192f3e727d70aff57b655169d57c5b3e6bd30c73381c11acb93e4 Loading...

	#5 Eval - c9f3fb5cdf3373f06e330e6a87ce04ce	22 B	2023-03-26	2023-03-29
Pretty Observations First Seen2023-03-26 08:07:32 Last Seen2023-03-29 23:21:19 Times Seen1123 Hash c9f3fb5cdf3373f06e330e6a87ce04ce df99edfbb22db4736d72c3682cc5100ac6cc3d0f 7e31eb44219eea12f907946968f8b66102cb2d68650c6a93d64198f6a83fc927 Loading...

	#6 Eval - 52324a770384a51cee01d312a0967836	22 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1119 Hash 52324a770384a51cee01d312a0967836 4299c2e1a4eed09a7e1909e3a5963f82c108d852 61030fdcaac6b12bc0dc224160114651add4403b1f8ae11acd5078157e62ca8d Loading...

	#7 Eval - 1e579709eab326b67413ab276fa7c3b8	22 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 1e579709eab326b67413ab276fa7c3b8 feaa4c660b0cccf3b22c4669b2e180a0f005fb27 bc622cb8eb52a5511178961ccf9273437d0193624fa50b83dcf618efa797609f Loading...

	#8 Eval - be125104d4312167c487794d7cbc43fc	16 kB	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash be125104d4312167c487794d7cbc43fc 67c2c378cecd18e4687886b2df2c1a83f1c0e046 c52e8eeb3f4cc2adcf9979cd0eed3a2f5d46d1640c49962a39e655e19dec4faa Loading...

	#9 Eval - 3e9b406e9bb277e07cf5dd90b6163f50	62 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash 3e9b406e9bb277e07cf5dd90b6163f50 2e61b5402a759ffbfbe8c159c0ee5ee8d29b0421 a8e5a9e89dd2059b0ae5b141b769125ee2581cb7c3a0aa69b384a96c04b6b5e4 Loading...

	#10 Eval - 94d163cabb6d26e102610d92ced9f602	22 B	2023-03-29	2023-04-03
Pretty Observations First Seen2023-03-29 22:07:07 Last Seen2023-04-03 23:55:03 Times Seen1120 Hash 94d163cabb6d26e102610d92ced9f602 e3802f9c1976352f92a635945673d74d8b30d71d ed52a3db6a44bfd9b4f9d5b869cec5c3ab259aecb2d7634967d036ef5146654c Loading...

	#11 Eval - 72f5f9d3a6a0eb4d0846a0ee80a5b9c5	17 kB	2023-03-29	2023-03-29
Pretty Observations First Seen2023-03-29 22:26:09 Last Seen2023-03-29 22:26:09 Times Seen1 Hash 72f5f9d3a6a0eb4d0846a0ee80a5b9c5 7e7762b4d8fe9daabe88b407fabb120afd7110ff c609b22dfff126d32af96c7b49189216c9a2e17a092484b7a4dabb675bc0bffc Loading...

HTTP Transactions (107)

URL IP Response Size

1x-xredbet088981.top/registration/

178.253.47.27

301 Moved Permanently

162 B

URL HTTP/1.1
1x-xredbet088981.top/registration/
IP
178.253.47.27:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /registration/ HTTP/1.1
Host: 1x-xredbet088981.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 25 Mar 2023 15:53:47 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet088981.top/registration/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19159
Expires: Sat, 25 Mar 2023 21:13:07 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14308
Expires: Sat, 25 Mar 2023 19:52:16 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 15:15:27 GMT
content-type: application/json
age: 2301
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8696
Expires: Sat, 25 Mar 2023 18:18:44 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: T/olDQIWm7U0leb9L99yqLEER3+IWBXSgI4Zk0NMKDaEdsZnLqTCHeG341baACieLvoLuK1FEug=
x-amz-request-id: PE64QG07HVZ62ZHP
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 14:54:57 GMT
age: 3531
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
90d3af712f8437d489370930656dcb7d
35b9499084cd99f3a4f63f6dbd684d3cccf58faa
5760acd2e3cb97440870e5f81adfebc20dadcf416deac861009d8a2f8a0ffc27

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5760ACD2E3CB97440870E5F81ADFEBC20DADCF416DEAC861009D8A2F8A0FFC27"
Last-Modified: Thu, 23 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18265
Expires: Sat, 25 Mar 2023 20:58:13 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:48 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c9d0016ea008aa2761d9e6c0212823ba
5c507bc8bc09340022e0919ceee7126a85b40d40
0ced8f80e8893d17f60e2982ed0bf29ce28c5562f5241bcec77bfce39396726a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0CED8F80E8893D17F60E2982ED0BF29CE28C5562F5241BCEC77BFCE39396726A"
Last-Modified: Thu, 23 Mar 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13148
Expires: Sat, 25 Mar 2023 19:32:56 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
87240d30a67f0737530bc26979e7d69d
e5c6d183c4c72377a896a6c6870a22ba59ff110e
47fecdf69d4c7f69f2c63be831c5bc2425b983987925278e44bfa8e62830c9c2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47FECDF69D4C7F69F2C63BE831C5BC2425B983987925278E44BFA8E62830C9C2"
Last-Modified: Fri, 24 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13960
Expires: Sat, 25 Mar 2023 19:46:28 GMT
Date: Sat, 25 Mar 2023 15:53:48 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 15:17:24 GMT
age: 2184
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.117.65.55:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zGL0WUa+FBrA9Q2GkaPGqA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: smUATj+0+bKORpfdN133if0wupg=
Date: Sat, 25 Mar 2023 15:53:48 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
63ca8c4e17e0b692d1829cd62b9af3af
d0bbecbe0b93ea21026898dbd13edee5fc071cb2
1208545ecf01edb7bcef0b3c288d9edd34d2034c7404ba68a64c2ef251cb42f1

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3a85d9c2de0b1015b62c81a1ab7fe625
389c7fe2d0d53ff607a3fd8e27283c8f1cb3a238
717fa1c4098bd6e282c24452a39aafc0b436941b2f398ef0086960effcc3f2ca

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373a80b50b-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373bdcb529-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385154,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373c3cb4f9-OSL

v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js

8.254.252.213

200 OK

2.5 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (8200), with no line terminators
Size
2.5 kB (2482 bytes)
Hash
793ef13a8463df8e528bb25ee4c915d6
b7aea3d75042d880d503eb6992a2afd1230e022b
4bac80bb49a98ac5f3aff4aa98b4d88b5f4aaa6f80907ddec25d10cf88b61aea

HTTP Headers

GET /_nuxt/desktop/default/Layout.Information/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Games.GamesProject/Page.Game/60caf41e-212e2c08.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2482
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-9b2"
expires: Sun, 26 Mar 2023 12:37:20 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11790
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js

8.254.252.213

200 OK

2.6 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (7195), with no line terminators
Size
2.6 kB (2618 bytes)
Hash
37e5b6ca3b131f0fada5ba880d8b32f4
11f33c7a5c4fedad78576d8ad09176597ad69cb1
dc4fd82e7cb59aa37fa965e7385b31e42538fdac12f1d5e2c8e0dd2af6065546

HTTP Headers

GET /_nuxt/desktop/default/Page.Registration-63ff5a86.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 2618
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-a3a"
expires: Sun, 26 Mar 2023 12:37:36 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11779
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/fab5adf2.css

8.254.252.213

200 OK

2.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/fab5adf2.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (16723), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
3970a74d8b444d34ebf3e71113c5b7e5
f8966ebe093af4de4556ae32909389a74bdc001e
d2ccbde036c97c58ee7ffe55dc05b58e84d776b13643b7b03f35b6febc908cb4

HTTP Headers

GET /_nuxt/desktop/default/css/fab5adf2.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 2079
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-81f"
expires: Sun, 26 Mar 2023 10:30:56 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 19376
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js

8.254.252.213

200 OK

87 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/app-0c529b68.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65476)
Size
87 kB (86988 bytes)
Hash
187b6a606ddb824fec7b5ba47dc05c5c
98585ea5b98c33be2945a6c47c6b647527afac93
bd18a0bf615538e8bec5f5d5b827ae52e56602e98dc9718abffab6be15b1d696

HTTP Headers

GET /_nuxt/desktop/default/commons/app-0c529b68.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 86988
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-153cc"
expires: Sun, 26 Mar 2023 12:37:23 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.254.252.213

200 OK

698 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
698 B (698 bytes)
Hash
baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sun, 26 Mar 2023 03:12:37 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 45674
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js

8.254.252.213

200 OK

11 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/runtime-2a1698b0.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (33956), with no line terminators
Size
11 kB (11327 bytes)
Hash
91108e0d8ad3df20f4d2e84b27cdc562
0c12d9b8c33929f68cb591b50c36f446c3bf9606
1c9f796ab2e7930657b4453ff465ff6a91f9a9dabf9ab1a329d15eb17d30ba2c

HTTP Headers

GET /_nuxt/desktop/default/runtime-2a1698b0.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 11327
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2c3f"
expires: Sun, 26 Mar 2023 14:23:43 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5414
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/620a933b.css

8.254.252.213

200 OK

633 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/620a933b.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2717), with no line terminators
Size
633 B (633 bytes)
Hash
48f92b600ace73bf4157e87a3d82dad3
acd00b1e75178457e5ea5ea48f6fe4b5a6ccb965
4513e985c8686bd6bfd2f594510662b0e84aed2da4f6f4138cc0d016d586f82b

HTTP Headers

GET /_nuxt/desktop/default/css/620a933b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 633
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-279"
expires: Sun, 26 Mar 2023 09:33:13 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22859
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/app-9d7c449a.modern.js

8.254.252.213

200 OK

191 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/app-9d7c449a.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
191 kB (191116 bytes)
Hash
872a9bb204f2546a6b147381a1ca4e4e
4716cd88bd3423dfad604e5452b88da7a4b33999
f182e2a9e457008639bd32c97f843d4d7dc0ff01e703cc104f3200a140ebf6c8

HTTP Headers

GET /_nuxt/desktop/default/app-9d7c449a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 191116
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2ea8c"
expires: Sun, 26 Mar 2023 14:23:38 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5412
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/cc84628d.css

8.254.252.213

200 OK

10 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/cc84628d.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
10 kB (10372 bytes)
Hash
0763cefffeee15ff5ead14f864f471ba
25d4a58078c77db85e863c3d01661d15e2b6582c
60dd8addf8a42c4e23fb86d93c00154ee958a6f0dc6d8d5069dce6a79197c600

HTTP Headers

GET /_nuxt/desktop/default/css/cc84628d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 10372
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-2884"
expires: Sun, 26 Mar 2023 10:07:18 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20793
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js

8.254.252.213

200 OK

330 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65430)
Size
330 kB (329518 bytes)
Hash
eec62bb775e59c7e647e00b5ba2a09c3
5e992215a6ad24d182b1a8b9699afcfc4dc4715d
3edf3b97fc08bd07138a604eb651f7071944e8887cd7177415cb2d2ece2b68ec

HTTP Headers

GET /_nuxt/desktop/default/vendors/app-cf9f15ab.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 329518
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-5072e"
expires: Sun, 26 Mar 2023 14:23:43 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5412
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373df10b4d-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
f751c73e70576131b57b322a3d6b7edb
16bc218aca06a29e9233d4c8dad57ef3ad5f7780
9b3544b3fa2e0a261b3c6d154d7e00c61b9d420a2ffe13cae60cd4a513d30275

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 15:53:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 03:03:05 GMT
Expires: Thu, 30 Mar 2023 03:03:04 GMT
Etag: "16bc218aca06a29e9233d4c8dad57ef3ad5f7780"
Cache-Control: max-age=385153,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad854373c3fb4f7-OSL

v3.traincdn.com/version.json

8.254.252.213

200 OK

44 B

URL HTTP/2
v3.traincdn.com/version.json
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text
Size
44 B (44 bytes)
Hash
21465562045422e84190aacb1317d092
a486fc4f1b7a6d9bcec18b0d72d9178d0432c39e
8f819bcc4ad95c12a4c8cfa9d29b45002d051e5d445f4ce0067f7bf3512ea8e2

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "641c4fc1-2c"
expires: Sat, 25 Mar 2023 15:54:13 GMT
last-modified: Thu, 23 Mar 2023 13:10:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 37
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/a6487f8a.css

8.254.252.213

200 OK

45 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/a6487f8a.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
45 kB (44912 bytes)
Hash
9ec37a6b66bc0ebf63673f93dbaf2669
296c623bd24002b9f8d6fee86f581cb3c591369a
09a97dff70c05c919bf9e1f7a6f6940b14589414ea25997e97c40e0416c4fe5f

HTTP Headers

GET /_nuxt/desktop/default/css/a6487f8a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 44912
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-af70"
expires: Sun, 26 Mar 2023 14:23:39 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5411
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:53:50 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12695
Expires: Sat, 25 Mar 2023 19:25:25 GMT
Date: Sat, 25 Mar 2023 15:53:50 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6511 bytes)
Hash
02e0767e0c72d95e30337ad42f5d15b3
79aa21ca35c9d98ea7d0713d219e9b67083bdc05
7991a0c4d409cca49259cb626d0de39684635f14fad72e074b303235026673a9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdaf1038f-e1d8-41a0-a039-85a85d278271.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 38d33f4d-2b85-4666-b778-04f4b4dfdf10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihSFIdIAMFRjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a1-036a28e75189d05209396933;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:29 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eYAgUDZFGkaskq0A77VgX54hvvjtQtClrFyED3COkankS76uD7hTAQ==
via: 1.1 53ee82a7eb57de316cba44c26680b4a6.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:52 GMT
age: 65398
etag: "79aa21ca35c9d98ea7d0713d219e9b67083bdc05"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.0 kB (4000 bytes)
Hash
85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 35846
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5296 bytes)
Hash
aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 64597
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-412089.top/genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css

178.253.15.19

200 OK

14 kB

URL HTTP/2
1xlite-412089.top/genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css
IP
178.253.15.19:0
ASN
#0

File type
ASCII text, with very long lines (27759), with no line terminators
Size
14 kB (13671 bytes)
Hash
3e82ed1459d38ba2158caad6d57f12a3
147baa181b27d82da8009e6544f354f6d243749d
bb2171713fe7ed016c44287f5811adf6a3a469472f676556513d0fe78cf2bc4f

HTTP Headers

GET /genfiles/cms/pg/285/css/value/835091f561292d90076ac4d66f891da6.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:49 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 12:07:20 GMT
x-rgw-object-type: Normal
etag: W/"9f73cdc4d6d26a078df3692e253640d3"
content-encoding: br
expires: Sat, 25 Mar 2023 16:53:49 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b644abd1d83faa6f0327486dae33b18d
cb745aa55db6976159ef31ff8835e2b26fd32109
784e1b0a41a50629890a6fd6f58beb9f3a6eb5ba56aa35c671e5217d839aeeac

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 65397
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.2 kB (6185 bytes)
Hash
dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 64596
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:41 GMT
expires: Sat, 23 Mar 2024 10:26:41 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 106029
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:43 GMT
expires: Sat, 23 Mar 2024 10:26:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 106027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ce6948c57f579a85042a4388c45514d6
4b3002c036034ef0cb8d9eb73b7bf7f561862b99
85e655e198ac1724ffca7bf4efc4f98de8c436cebf41ed665cc397fbb02a243a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-412089.top/genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png

178.253.15.19

200 OK

653 B

URL HTTP/2
1xlite-412089.top/genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png
IP
178.253.15.19:0
ASN
#0

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/pg/285/images/7ff608075eeeae857d6d0d4fc1d19854.png HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: image/png
content-length: 653
last-modified: Thu, 09 Mar 2023 12:41:36 GMT
x-rgw-object-type: Normal
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Sun, 26 Mar 2023 15:48:31 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js

178.253.15.19

200 OK

22 kB

URL HTTP/2
1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js
IP
178.253.15.19:0
ASN
#0

File type
ASCII text, with very long lines (65476)
Size
22 kB (21746 bytes)
Hash
773525f393dd389999a59af6de38c729
42fc6ed0f7c61cf786789c2af18ec3298aa88d43
4229cc17e4eda8a4146c69ebe6882e782d59306eaa8ab460143cbbd4218197fe

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-e284dc3f.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 21746
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-54f2"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/desktop/default/css/fab5adf2.css

178.253.15.19

200 OK

2.1 kB

URL HTTP/2
1xlite-412089.top/_nuxt/desktop/default/css/fab5adf2.css
IP
178.253.15.19:0
ASN
#0

File type
ASCII text, with very long lines (16723), with no line terminators
Size
2.1 kB (2079 bytes)
Hash
3970a74d8b444d34ebf3e71113c5b7e5
f8966ebe093af4de4556ae32909389a74bdc001e
d2ccbde036c97c58ee7ffe55dc05b58e84d776b13643b7b03f35b6febc908cb4

HTTP Headers

GET /_nuxt/desktop/default/css/fab5adf2.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 2079
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-81f"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/desktop/default/css/620a933b.css

178.253.15.19

200 OK

633 B

URL HTTP/2
1xlite-412089.top/_nuxt/desktop/default/css/620a933b.css
IP
178.253.15.19:0
ASN
#0

File type
ASCII text, with very long lines (2717), with no line terminators
Size
633 B (633 bytes)
Hash
48f92b600ace73bf4157e87a3d82dad3
acd00b1e75178457e5ea5ea48f6fe4b5a6ccb965
4513e985c8686bd6bfd2f594510662b0e84aed2da4f6f4138cc0d016d586f82b

HTTP Headers

GET /_nuxt/desktop/default/css/620a933b.css HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: text/css
content-length: 633
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-279"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js

178.253.15.19

200 OK

4.6 kB

URL HTTP/2
1xlite-412089.top/_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js
IP
178.253.15.19:0
ASN
#0

File type
ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4564 bytes)
Hash
73c3ace82d02dad6882bd14ea52da7f4
00ceef8370ee79df2b0a41b0893f9947f6de9473
7836a5b631972d6ffa53a85e3478359d3559565eadf0935382e21f9b3b7d3f9e

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-notification-08642e21.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:50 GMT
content-type: application/javascript; charset=utf-8
content-length: 4564
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-11d4"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:50 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/external-api/config/deprecated

178.253.15.19

200 OK

4.6 kB

URL HTTP/2
1xlite-412089.top/web-api/external-api/config/deprecated
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (23002), with no line terminators
Size
4.6 kB (4643 bytes)
Hash
1fa7924487c8aeecea49b78d538bf6fe
38f1c7a5f302c6c839505445584311251f04f245
1b100b00d639322db3212fe005cdca4c919aea75f1a0c36b7f3e0c300b113a5c

HTTP Headers

GET /web-api/external-api/config/deprecated HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=143, dt_285;dur=146
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js

178.253.15.19

200 OK

7.5 kB

URL HTTP/2
1xlite-412089.top/_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js
IP
178.253.15.19:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (25593), with no line terminators
Size
7.5 kB (7506 bytes)
Hash
a1a846c7e1aa195109bb4cc4cbb78150
a31119ea562fce87fad30a2d03b1ca91b6fc3f5f
6fa1dbd317e7de2bf40ee151e86d6d8232f40ff04d08084e230dad89e76bb4be

HTTP Headers

GET /_nuxt/desktop/default/plugins.vue-js-modal-47044ce7.modern.js HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 7506
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
vary: Accept-Encoding
etag: "641c4eff-1d52"
content-encoding: gzip
expires: Sat, 25 Mar 2023 16:53:51 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/common-2000204.svg

178.253.15.19

200 OK

47 kB

URL HTTP/2
1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/common-2000204.svg
IP
178.253.15.19:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47282 bytes)
Hash
73ed95c0e929a50ba4057c26d16873db
b17cc932b9bca0ef70bbaebba899f702edfe18bb
bf78809e21c41e1b3d41b42cb5d8cd03fc38a717f65f45e31949d224e108e94c

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/common-2000204.svg HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
etag: W/"641c4eff-1db2f"
expires: Sun, 26 Mar 2023 15:48:33 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/version.json?timestamp=1679759644542

178.253.15.19

200 OK

44 B

URL HTTP/2
1xlite-412089.top/version.json?timestamp=1679759644542
IP
178.253.15.19:0
ASN
#0

File type
ASCII text
Size
44 B (44 bytes)
Hash
21465562045422e84190aacb1317d092
a486fc4f1b7a6d9bcec18b0d72d9178d0432c39e
8f819bcc4ad95c12a4c8cfa9d29b45002d051e5d445f4ce0067f7bf3512ea8e2

HTTP Headers

GET /version.json?timestamp=1679759644542 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
content-length: 44
last-modified: Thu, 23 Mar 2023 13:10:25 GMT
vary: Accept-Encoding
etag: "641c4fc1-2c"
content-encoding: gzip
expires: Sat, 25 Mar 2023 15:54:51 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-178408567-1

142.250.74.168

200 OK

46 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
46 kB (45867 bytes)
Hash
b4f352cc2a102b9fbea8e7ec76b69b5b
8e286ae150fe9e4345e408b50d82924eff1be21c
a9020d0bf12f5865208d459577853b954398018d07d7c3cbfd506651c97c6ae8

HTTP Headers

GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 25 Mar 2023 15:53:51 GMT
expires: Sat, 25 Mar 2023 15:53:51 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js

8.254.252.213

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DC-c1085c22.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2511), with no line terminators
Size
1.1 kB (1084 bytes)
Hash
bef7503c53a7aea9892bdfc1d7d48591
2ebd1a5e024368cbbd7038c7ab5bc6a8c4e09d60
ff189730d701c5729b69ba1e1a5794b132c4a1183e0cf24828fc4204b990648a

HTTP Headers

GET /_nuxt/desktop/default/DC-c1085c22.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1084
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-43c"
expires: Sun, 26 Mar 2023 12:37:25 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11788
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4355291ec58b85ddde02c2446ecb2bb4
4ad43e10f82193f83e862e8a78f3e46de9490ac4
e32fd5635627751770ee13e8f77b14b2555163cfc2d7db98aa8edb5b4bae4d9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-412089.top/web-api/api/web/v1/config/actualDomain

178.253.15.19

200 OK

19 kB

URL HTTP/2
1xlite-412089.top/web-api/api/web/v1/config/actualDomain
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- data
Size
19 kB (19042 bytes)
Hash
35d8f4f1f985be4a90a87ffc653ae879
d8f0aca3a4e9f5a05278f972759448c753934253
268737465d9ba5503a59f77454e96643e64e915bf38f449b0c26b3d93d09452f

HTTP Headers

GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js

8.254.252.213

200 OK

5.2 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (17248)
Size
5.2 kB (5207 bytes)
Hash
6eedcdca31d26478d15ebd460a2eef5e
195fadc658ec0ea215445882c4b6e67aeffb4b1e
a52204667b7f83a6d1f3dfea5b06ec6f1a21de2e7da22e41bbc46c15d6eaab21

HTTP Headers

GET /_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/92fb861f-5ddbea4b.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 5207
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1457"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js

8.254.252.213

200 OK

5.4 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (13491), with no line terminators
Size
5.4 kB (5405 bytes)
Hash
b7443f1feac267269df2dc2debe5e48b
5b7a375f470356766b25213eebe71e1a74f07ad4
8803051872ed1d94872f72ea6c05fe2bb41b30228d3a6b69ea3e8a3f9c2c0581

HTTP Headers

GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-6a3fd746.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 5405
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-151d"
expires: Sun, 26 Mar 2023 12:37:28 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11787
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6642b59d.css

8.254.252.213

200 OK

209 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/6642b59d.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (369), with no line terminators
Size
209 B (209 bytes)
Hash
69bfd5fa2f9cda5127bf35a80e5c2266
fdfb4974bafb9663682a5c1a9682e7d34bbf6314
623ccbd0f043c1a34b5334ba948a8348e28292ee8a2b568d6f65ad2fb927d844

HTTP Headers

GET /_nuxt/desktop/default/css/6642b59d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 209
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-d1"
expires: Sun, 26 Mar 2023 09:32:31 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22880
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js

8.254.252.213

200 OK

8.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (24831), with no line terminators
Size
8.1 kB (8054 bytes)
Hash
243d0f2597584bad84b3267c70da2481
1bc0f2ebac6b9776da7b09cd34a0624a4f3d0be4
3c8fcc516039424e885c249367ff9e78ff17b2f0a757cfd026541c90770be12f

HTTP Headers

GET /_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/42f54998-2bc885ab.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 8054
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1f76"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11785
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/aa7fd5e1.css

8.254.252.213

200 OK

5.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/aa7fd5e1.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (35944), with no line terminators
Size
5.1 kB (5085 bytes)
Hash
445c914b35a4c8625f16ea7a35010ad3
24cf0888ab161704b5cf8d05ea5e840f4104bc54
e8bb4bfd353d92b61d4d3e627c1e0624cb03dc418aa347553e1527c183a2aeab

HTTP Headers

GET /_nuxt/desktop/default/css/aa7fd5e1.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 5085
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-13dd"
expires: Sun, 26 Mar 2023 10:09:07 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20684
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js

8.254.252.213

200 OK

7.0 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (26400), with no line terminators
Size
7.0 kB (7031 bytes)
Hash
f42afe416afa408ac774d123b01acd95
ad096f43e8cbf9ae3f03273aadec9fe175420da6
41e6aab2081b3bb4ae6de76c0ecd2d37294a2fbfcb7cd2439e386e3dfbf7bd88

HTTP Headers

GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7ca4c956-9a37e100.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 7031
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1b77"
expires: Sun, 26 Mar 2023 14:23:55 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5404
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css

8.254.252.213

200 OK

454 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1429), with no line terminators
Size
454 B (454 bytes)
Hash
3e9cde2df29737e923934bd965f79e9a
cca49320b6bdae86147a6ca485a22efcaceca43f
c11ce6bca018affeed8af94378f7c19ec7c62e8eddb1a189c03f7c075a978938

HTTP Headers

GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1c6"
expires: Sun, 26 Mar 2023 08:32:01 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 26510
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/efb74296.css

8.254.252.213

200 OK

1.3 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/efb74296.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (5671), with no line terminators
Size
1.3 kB (1260 bytes)
Hash
713eb75d62fc803696a93f722e4487b1
4fad87eea50f9d6fdb6bf752865ba7c6d7c433ec
fafd6239c7f0785ae825fd5fb59425d12951181b2ada953ffbf079c1e2db0481

HTTP Headers

GET /_nuxt/desktop/default/css/efb74296.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 1260
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-4ec"
expires: Sun, 26 Mar 2023 09:32:29 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22885
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js

8.254.252.213

200 OK

18 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-38254112.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (44093), with NEL line terminators
Size
18 kB (17889 bytes)
Hash
7d44a555e6eb1f6b717e8ec5e56b6dd7
bbc51f9a2e247429eca60773dc8d4eefbdd25bbc
31eea1833c2b0b7ea8b614d210d14cd44d7a104337fd6b349f7742d5a8eb759b

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.media-38254112.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 17889
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-45e1"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11784
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js

8.254.252.213

200 OK

4.8 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.media-e1a44f37.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (19645), with no line terminators
Size
4.8 kB (4842 bytes)
Hash
f373c4913798cb40f52814f1b1d4ddca
8fa1c484dbf5aae328594ee8e2c96e0f3b18d734
3e39d794b002692feeb1fb8f7b595b787bbebcf8e4fbba18f490d5b6450aa355

HTTP Headers

GET /_nuxt/desktop/default/betting.media-e1a44f37.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 4842
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-12ea"
expires: Sun, 26 Mar 2023 12:37:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11786
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css

8.254.252.213

200 OK

464 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1665), with no line terminators
Size
464 B (464 bytes)
Hash
a573a54f11caefb31dfb77b8c37d0bc1
f2497db66066cec72604e1e06999d56d75c0c821
ab5b915932a677e6ce7a05ca96074cd3c92bb13054410556ed6ac066fe45e437

HTTP Headers

GET /_nuxt/desktop/default/css/6ddcb708.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: text/css
content-length: 464
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1d0"
expires: Sun, 26 Mar 2023 14:15:33 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5898
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js

8.254.252.213

200 OK

53 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/registration.Main-21ae49d1.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
53 kB (52555 bytes)
Hash
9e966ab1679e3b64087fa505c56d57f0
d096ff77291810a4e214921b72582f6695ce594d
e8dff875dc534a1ad2785494243b1eec222a1569d0978ccae309a9d133e95b22

HTTP Headers

GET /_nuxt/desktop/default/registration.Main-21ae49d1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 52555
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-cd4b"
expires: Sun, 26 Mar 2023 14:27:27 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5296
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js

8.254.252.213

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2452), with no line terminators
Size
1.1 kB (1081 bytes)
Hash
6790f30c9b060e185da80824c0d7beb7
0c6ae1a05261b935f39ec7d2239b42940c385d8e
613438af812ca9db4ed4f79987d4a127140992aa6cd4ab5b5c7a61c420aa0697

HTTP Headers

GET /_nuxt/desktop/default/ioc.dependencies.32-e85a500d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/javascript; charset=utf-8
content-length: 1081
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-439"
expires: Sun, 26 Mar 2023 10:07:35 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20783
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-412089.top/session-api/sessions/user

178.253.15.19

200 OK

16 B

URL HTTP/2
1xlite-412089.top/session-api/sessions/user
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
16 B (16 bytes)
Hash
646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab

HTTP Headers

GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
server-timing: p;dur=0.76794624328613
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en

178.253.15.19

200 OK

50 B

URL HTTP/2
1xlite-412089.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57

HTTP Headers

GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=44.336946999999995; desc="req_t", renderTime; dur=44.356418999999995; desc="rend_t", total; dur=44.668091; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/checker/redirect/stat/run/

178.253.15.19

200 OK

82 kB

URL HTTP/2
1xlite-412089.top/checker/redirect/stat/run/
IP
178.253.15.19:0
ASN
#0

File type
data
Size
82 kB (82223 bytes)
Hash
1741518ca3417851926d5f8ba47ed8a9
0f2639844474475607d62e06cca1b357b7b40583
2885177bceddda9268955057274524fe2b675234bfe30dbd6ba1807a9a1505ce

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
api-supported-versions: 1.0
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/user/secure

178.253.15.19

200 OK

58 B

URL HTTP/2
1xlite-412089.top/web-api/user/secure
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
83b2830051ef9b576585d544c2316890
5e7c9e521539a68d3cd762538f120ea92872c26c
3c6793d162c560d6955b0b606eb9470ae803f6dd8f3538d86da4a84a7230b594

HTTP Headers

POST /web-api/user/secure HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=75
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:51 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 01-Apr-2023 15:53:51 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 28-Mar-2023 15:53:51 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1679777408; expires=Sat, 25-Mar-2023 16:53:52 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/api/converslon/load

178.253.15.19

200 OK

32 kB

URL HTTP/2
1xlite-412089.top/web-api/api/converslon/load
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
32 kB (32176 bytes)
Hash
106139eef113e079e5860080a95a2a9c
a9ad8b853d80601ccf9dd3c33c4998f0f74d24ea
babfbd70ec63791fb2f9f86873fb6d1cf03346c4343da60e3c7377cc734a12a6

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=18, dt_285;dur=20
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321

178.253.15.19

200 OK

145 B

URL HTTP/2
1xlite-412089.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1679759645321 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Sun, 26 Mar 2023 15:53:52 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/api/internal/v1/proof_of_age

178.253.15.19

204 No Content

0 B

URL HTTP/2
1xlite-412089.top/web-api/api/internal/v1/proof_of_age
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
cache-control: no-cache, private
server-timing: p;dur=40, dt_285;dur=46
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137

178.253.15.19

200 OK

20 kB

URL HTTP/2
1xlite-412089.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (1490)
Size
20 kB (20279 bytes)
Hash
09a97a9d39fb6d45e64ffc32df98aeae
f33b0ccfa30a34f3adea75e19f1ca798b8bc4a4e
0dbcabdd17274e71b513c4acaf9cdf0e36d35417f84e65e8d97fd730400867fc

HTTP Headers

GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=75, dt_285;dur=78
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1&z=1201764760

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1&z=1201764760
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1&z=1201764760 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
248b003a4a6dda3d2c481cfd45e49176
ae6e1dbc704dbe302549888e545689eb88e83bb9
14df223924711cca8488c64942b656023cb6e69cb83863ccd0f9cdb8ac4682fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js

8.254.252.213

200 OK

15 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (58315), with no line terminators
Size
15 kB (15098 bytes)
Hash
b58308cb6f12602d5b094479063d9fa0
e8858c280daa69477d69a4d586707f7516c1f0de
782e5bb27de8fd8e1fa08ed62dda33cd00d01ff7ffa74b0ca107182afac1c7a1

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.BetsHistory/Page.Office.Partner/d6d9fee2-285bf5f5.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 15098
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-3afa"
expires: Sun, 26 Mar 2023 14:23:45 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 5407
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/10a981df.css

8.254.252.213

200 OK

1.3 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/10a981df.css
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (6623), with no line terminators
Size
1.3 kB (1310 bytes)
Hash
6a214296f4e840b21149dabc19ab61f4
1bd01a9b348b3666ebf9033de28c9689350b8c33
213938dc31603dd4ac475a3abb4cf3e643d32faa6c9cfb10a611dfb66e3d659e

HTTP Headers

GET /_nuxt/desktop/default/css/10a981df.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: text/css
content-length: 1310
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-51e"
expires: Sun, 26 Mar 2023 09:33:31 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 22854
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js

8.254.252.213

200 OK

7.5 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js
IP
8.254.252.213:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (35156), with no line terminators
Size
7.5 kB (7500 bytes)
Hash
79fa1e3a31bd6c8880126faa6fbb2239
05363ae685f45a81e39fcac8851b73740e02314c
aadbb709f20022dc3879912f31538e8785d6cd66fae742bb4a9ef5e0bbf2d173

HTTP Headers

GET /_nuxt/desktop/default/Registration.Fields-0879ec04.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/javascript; charset=utf-8
content-length: 7500
cache-control: max-age=86400
content-encoding: gzip
etag: "641c4eff-1d4c"
expires: Sun, 26 Mar 2023 12:37:33 GMT
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 11779
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-412089.top/seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en

178.253.15.19

200 OK

111 B

URL HTTP/2
1xlite-412089.top/seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
111 B (111 bytes)
Hash
3915641719ed49f77cae5e8e028c0f78
2aa8add56f160ab0f0094c8cf13e977beeaac9a6
7fbea478c44d770721f7b436fec46fda0db27a193b6341559e01b66f9c873f2f

HTTP Headers

GET /seo-module-api/api/v1/links/canonical?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 111
cache-control: max-age=1200, must-revalidate, public
server-timing: p;dur=117.49982833862
x-content-digest: en8f379d34ec1885f8038de17730fac219
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en

178.253.15.19

200 OK

188 B

URL HTTP/2
1xlite-412089.top/seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en
IP
178.253.15.19:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
188 B (188 bytes)
Hash
060fc0289c8bd78573f162e148c60531
a6c1f32ebb40945d13af45129188d3fb9afe3d43
4c0cf1e5bdff7e04a71a949ccecd990b2e5883ca294ae51bb96b2d97bf49acc3

HTTP Headers

GET /seo-module-api/api/v1/metadata?group_id=285&ref_id=1&url=https:%2F%2F1xlite-412089.top%2Fen%2Fregistration&geo=no&language=en HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
content-length: 188
cache-control: max-age=1200, must-revalidate, public
server-timing: p;dur=128.42392921448
x-content-digest: en3b94b6467b711120a75a7e3c2b85be4e
age: 0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1

216.239.32.36

204 No Content

0 B

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je33m0&_p=535291973&_gaz=1&cid=117090981.1679759645&ul=en-us&sr=1280x1024&_s=1&sid=1679759645&sct=1&seg=0&dl=https%3A%2F%2F1xlite-412089.top%2Fen%2Fregistration&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-412089.top
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5716bd17f0cc1d649bcba4a6400ad0fa
752def7b1cf7d2f2e8213b28cb17f93e1015d333
ef78bd37975cc2a43c78562c8fcd9977f92a2ef525b87cfcef89f114f28eac3b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-412089.top/web-api/api/v3/bonuses/first-deposit

178.253.15.19

200 OK

8.1 kB

URL HTTP/2
1xlite-412089.top/web-api/api/v3/bonuses/first-deposit
IP
178.253.15.19:0
ASN
#0

File type
data
Size
8.1 kB (8096 bytes)
Hash
2ee655bbcda7ceec621ed763cc580b94
f5357ff3460d445ab2e4d69764cc868677debd3d
24a44ed378ce74368dc8b2336e6fe9fd6b44b81d4573590aa23f110e1e594633

HTTP Headers

GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=16, dt_285;dur=17
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889

173.194.221.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889
IP
173.194.221.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-178408567-1&cid=117090981.1679759645&jid=481220369&gjid=1429323983&_gid=113048940.1679759646&_u=aCDAAUACQAAAACAAI~&z=1086353889 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://1xlite-412089.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1

173.194.221.155

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1
IP
173.194.221.155:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&cid=117090981.1679759645&gtm=45je33m0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-412089.top
date: Sat, 25 Mar 2023 15:53:52 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
eef4409d0ad90e2899e538028bd3fa76
2d6edd13cbd2d201ef921fc33c053aec8f8b740c
61eef3a534769ac291c82d37206b392dea96af36a38e9d7da4cf0fb2d5d2342d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

729 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
729 B (729 bytes)
Hash
057651fa70382ff4273c2723388397a7
4e4a1514b701bfaf206f4e95871858c95e34ca03
f1a1b4e30b66b371aab848feb6a86d80c796a1701267f6c47cb88eb1032acf0d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/api.js?render=explicit&hl=en

142.250.74.132

200 OK

557 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=explicit&hl=en
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (852), with no line terminators
Size
557 B (557 bytes)
Hash
c059857f8612700102dd124518e33e93
e079fbee5e81c26f50b1652e799242959869a62d
4f5c449c5ff3300bd0f69d0077ec5786089e41d8cc3832cf6e7d28b050d1db02

HTTP Headers

GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sat, 25 Mar 2023 15:53:54 GMT
date: Sat, 25 Mar 2023 15:53:54 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

44 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
44 kB (43643 bytes)
Hash
414ecf8c9a7cb514a291e7ba61a090ab
84164e5a141c411ab9525cded1449c4978bc5e87
cd3611898e4c6059c0fe186c25970bcb3c7df0c2d7e06051756e96db256fefc2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 15:53:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js

142.250.74.35

200 OK

166 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (597)
Size
166 kB (166058 bytes)
Hash
4043af37a3392a9db521ff9ab62d9608
83828688e7a2259ed2f77345851a16122383b422
ee076822f35390ee382cda71759a2eec8f4db2bc18e4e3acd586173c29dab321

HTTP Headers

GET /recaptcha/releases/vpEprwpCoBMgy-fvZET0Mz6L/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166058
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 20 Mar 2023 16:20:35 GMT
expires: Tue, 19 Mar 2024 16:20:35 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Mar 2023 04:02:00 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 430399
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:44 GMT
expires: Sat, 23 Mar 2024 10:26:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 106031
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 106030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 24 Mar 2023 10:26:45 GMT
expires: Sat, 23 Mar 2024 10:26:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 106030
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1x-xredbet088981.top/registration/

178.253.47.27

307 Temporary Redirect

0 B

URL HTTP/2
1x-xredbet088981.top/registration/
IP
178.253.47.27:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /registration/ HTTP/1.1
Host: 1x-xredbet088981.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 307 Temporary Redirect
server: nginx
date: Sat, 25 Mar 2023 15:53:48 GMT
content-type: text/html; charset=utf-8
location: https://1xlite-412089.top/registration/
x-frame-options: SAMEORIGIN
set-cookie: SESSION=7e1f6b20632d03427e4fb7a0173126f2; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
auid=sv0vG2QfGQwaa3h1A0DTAg==; path=/; secure; httponly; samesite=lax
x-reason: 1080,1078,1074,1015,1021
cache-control: no-cache, private
server-timing: p;dur=88
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/country-2000204.svg

178.253.15.19

200 OK

0 B

URL HTTP/2
1xlite-412089.top/_nuxt/Desktop/Default/svg-sprites/country-2000204.svg
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/country-2000204.svg HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.2.117090981.1679759645; ggru=125; _gid=GA1.2.113048940.1679759646
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Thu, 23 Mar 2023 13:07:11 GMT
etag: W/"641c4eff-26288"
expires: Sun, 26 Mar 2023 15:48:33 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e

178.253.15.19

200 OK

0 B

URL HTTP/2
1xlite-412089.top/web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /web-api/q/fc00c495dec2c6b18de4f5266b1d7f4f85465073e HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-412089.top/en/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-412089.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.2.117090981.1679759645; ggru=125; _gid=GA1.2.113048940.1679759646; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=34
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap

172.217.21.170

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP
172.217.21.170:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 25 Mar 2023 15:53:49 GMT
date: Sat, 25 Mar 2023 15:53:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/registration

178.253.15.19

200 OK

0 B

URL HTTP/2
1xlite-412089.top/web-api/registration
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /web-api/registration HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=78
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:52 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 01-Apr-2023 15:53:52 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 28-Mar-2023 15:53:52 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/registration/fields

178.253.15.19

200 OK

0 B

URL HTTP/2
1xlite-412089.top/web-api/registration/fields
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 19
Origin: https://1xlite-412089.top
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1679777408; _ga_7JGWL9SV66=GS1.1.1679759645.1.1.1679759645.60.0.0; _ga=GA1.1.117090981.1679759645; ggru=125
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:52 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=87
set-cookie: is_rtl=1; expires=Sun, 24-Mar-2024 15:53:52 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-412089.top/web-api/default/img/icons/pixels2.svg?v=1679759645

178.253.15.19

200 OK

0 B

URL HTTP/2
1xlite-412089.top/web-api/default/img/icons/pixels2.svg?v=1679759645
IP
178.253.15.19:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /web-api/default/img/icons/pixels2.svg?v=1679759645 HTTP/1.1
Host: 1xlite-412089.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-412089.top/en/registration
Cookie: platform_type=desktop; auid=sv0PE2QfGQyDkwIaAztuAg==; SESSION=5b376a772f6c2baecbc9389e1e4a9974; lng=en; tzo=1; window_width=1280; che_g=0037db6f-7f20-d727-30a9-0a0c14db1984
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 15:53:51 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (50)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML