1x-xredbet478860.top/lpage/landing_first_deposit_football8_p45_TN213
178.253.48.30 301 Moved Permanently 162 B URL HTTP/1.1 1x-xredbet478860.top/lpage/landing_first_deposit_football8_p45_TN213
IP 178.253.48.30:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /lpage/landing_first_deposit_football8_p45_TN213 HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 19 Sep 2022 09:51:52 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1x-xredbet478860.top/lpage/landing_first_deposit_football8_p45_TN213
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 19 Sep 2022 09:12:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: td_aH2xGOFf5lULOaffohUj4YvEwZdDXWcmn2SP1tTKdgefkQPYw2w==
Age: 2352
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 861cfa99de956423d917ed0ddbea4b9c
ad65dbc394b48b04a45c205f56af296c8d008db4
5c706b2718b1698995f4feb91223779aef4bf6dc967c31f9ef9a93873197d5f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5C706B2718B1698995F4FEB91223779AEF4BF6DC967C31F9EF9A93873197D5F9"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4489
Expires: Mon, 19 Sep 2022 11:06:41 GMT
Date: Mon, 19 Sep 2022 09:51:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 19 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 4f01f770085624552bc30a98954f963a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M3UsvqBZZGhkhAW_vZ7s_45bTKegfaFzikrUfylACfaNJ5EO8sn4bw==
age: 18999
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9bcc63af4e3470c0b500b96304d35a85
574b50eec8dca59a6a5b714044e84b858d028c2a
89850408ebe3b77b9d46c03d862943e54ccd5e6faa78b81813f81fdfcea162db
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "89850408EBE3B77B9D46C03D862943E54CCD5E6FAA78B81813F81FDFCEA162DB"
Last-Modified: Mon, 19 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8867
Expires: Mon, 19 Sep 2022 12:19:39 GMT
Date: Mon, 19 Sep 2022 09:51:52 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
1x-xredbet478860.top/lpage/landing_first_deposit_football8_p45_TN213
178.253.48.30 307 Temporary Redirect 538 B URL HTTP/2 1x-xredbet478860.top/lpage/landing_first_deposit_football8_p45_TN213
IP 178.253.48.30:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash d29cedd9506f8f3bd9623eefdbb02cb8
a9ad0a0cbcdd7e4122c8ad4362954a903f0bad2e
51726d03cd9a978973176cee7054081fbe6c6a0fce9b6dc1107532ab412a001d
Analyzer Verdict Alert quad9 Sinkholed
GET /lpage/landing_first_deposit_football8_p45_TN213 HTTP/1.1
Host: 1x-xredbet478860.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 307 Temporary Redirect
server: nginx
date: Mon, 19 Sep 2022 09:51:52 GMT
content-type: text/html; charset=utf-8
content-length: 538
location: https://lite-1x283524.top/lpage/landing_first_deposit_football8_p45_TN213
x-frame-options: SAMEORIGIN
set-cookie: SESSION=51ab6770c2e5c48cc54b684188736e6a; path=/; secure; HttpOnly; SameSite=Lax
lng=en; expires=Wed, 19-Oct-2022 09:51:52 GMT; Max-Age=2592000; path=/
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
flaglng=en; expires=Wed, 19-Oct-2022 09:51:52 GMT; Max-Age=2592000; path=/
auid=sv0wHmMoO7h4d3gtBBUrAg==; expires=Tue, 19-Sep-23 09:51:52 GMT; path=/
x-reason: 1080,1078,1074,1015,1104
cache-control: no-cache, private
server-timing: p;dur=84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0cbecc194fd7ff465fac3a4d18035cb0
c915aef5e55ebfe2fac096a07e66d77b30d1c2f6
d89879b81b0f62f00e92c516129be08addad397a9dbbd134c3f2549e43f34a46
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D89879B81B0F62F00E92C516129BE08ADDAD397A9DBBD134C3F2549E43F34A46"
Last-Modified: Sat, 17 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5843
Expires: Mon, 19 Sep 2022 11:29:15 GMT
Date: Mon, 19 Sep 2022 09:51:52 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Mon, 19 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Mon, 19 Sep 2022 10:03:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vxE4T_0YdE386RBTdciK5NKuGLJa-3BCz-DkV_0Vhgm2GV9KxXlgMQ==
Age: 2910
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6303
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:53 GMT
Last-Modified: Mon, 19 Sep 2022 08:06:50 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.17.90 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.17.90:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qc3nBa51dDiPxVzocYhvgw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: XzeROAn5wrlyo55M9SKLHlrZrM0=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11855
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 09:51:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11855
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 09:51:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 85aa2dcaf76d25900c78356e5e1c254f
46cd66c9921a162c9e67cfa7d85bc82e5967d531
741815f43b76661b9edde512bc9061cb4bc659b297e7d822bf8e68e5aac9d23d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "741815F43B76661B9EDDE512BC9061CB4BC659B297E7D822BF8E68E5AAC9D23D"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11855
Expires: Mon, 19 Sep 2022 13:09:28 GMT
Date: Mon, 19 Sep 2022 09:51:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e4098577adb98eae5ba4a8b5e143df71
b0ad467f2837d103f8a96fb732bd34176c4c7110
83aa54020ffc684690dfb58d78608411de38ab02fee50808a8243c6b388e77c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd460ce9f-ea5c-436e-8b02-8ec8233b9681.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5064
x-amzn-requestid: 985dbd5b-3e8a-4e22-a974-1effa6c99112
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOS8FyBoAMFrCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790df-201df5494f1513b91eefe9d5;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RWcHVQkq3COqcWuVRgOdpVDi7VFrdjpu4q-NU0D3iod1B58xF4K_Yw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:55 GMT
age: 43198
etag: "b0ad467f2837d103f8a96fb732bd34176c4c7110"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash da8b8819fc21dcfb224ce0e7ecdc6772
e460ad4376cd118a6fe8b6b050af9398117d9531
9d0cf5fe17040e6c494d1596c24f01501babff37c95caa47d048b5e1aefa7697
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6582596-5079-44f5-a869-65c8766f7d1a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9901
x-amzn-requestid: e1792a3b-1893-48a6-8d01-463050259dc2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiGMYE3IoAMFgvQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323ea4f-42ab13411e65943538101b11;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:15:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: XmcyJv7bahHB4wMjFmgvh2fEkJJYLPhRrISZ_DczSErdEQjXIxWUvg==
via: 1.1 0800f067ff646622f3e8e507cb9b52e8.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 03:58:21 GMT
age: 21212
etag: "e460ad4376cd118a6fe8b6b050af9398117d9531"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x283524.top/US/lpage/landing_first_deposit_football8_p45_TN213
178.253.49.6 301 Moved Permanently 11 kB URL HTTP/2 lite-1x283524.top/US/lpage/landing_first_deposit_football8_p45_TN213
IP 178.253.49.6:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 87bddc1f919e51c976d5377040861ea6
f5bf6c28f20414c7dd3ac1098defc46d3d68fd99
28541ca828b6358c8e6081e9f2022e7ad18a8adcb3df09a3fa079f32c08fcda6
Analyzer Verdict Alert quad9 Sinkholed
GET /US/lpage/landing_first_deposit_football8_p45_TN213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 301 Moved Permanently
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
location: /us/landing-page/landing_first_deposit_football8_p45_tn213
server-timing: total;dur=269;desc="Nuxt Server Time", dt_285;dur=271
set-cookie: SESSION=48dc061c1ac2847ec2937ab29fadc34d; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f2b49224f40b4ea819e0c66fc155eec
d37b9b044bdb469678433766470ed36a2384817f
b94b1d4e0df0bac9b4a2b5c86bee900248614756fb24e2b7b182a871b425b2ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45d6cb12-076a-432f-9153-165d4ddfa7b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11345
x-amzn-requestid: 6b78aa51-b7d1-494b-93f9-6906911efa7a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YowwkHc9IAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632694d0-0f0b85eb5172e8014f0db2a9;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 03:47:28 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: en9bQR-hlcvBUJkgkKnLgBtYNUbSywwHJ4GZE76oN8eP6m8EnlDgdw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 07:21:41 GMT
age: 9012
etag: "d37b9b044bdb469678433766470ed36a2384817f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1105b56cf779b6df1cbd081bbd0cda50
58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c
10c1f0433baf51e06565ff905688075aaba8fec0a8b3f9cef34168e297f94c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e5b5676-18df-4d43-8bbd-b85ffe4f1a94.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5866
x-amzn-requestid: 3a7db39d-cd4f-486f-954b-39fc7464706c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrNeAE67IAMFSoQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63278f8c-66a419ac7fbd977f5f41061b;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:37:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: TdVz72qdwMdsuW1WsOq1qEZk2vmbXJlbppLTTsZ9PlrmN7GEph0dyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:51:43 GMT
age: 43210
etag: "58c5d6f8ba1d3236d788ac55ff7cb2ec7863fb5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65ee14de38a7fcd768ede2f1915c74e4
85119aaf7195d59efc55e36d026bd026060195aa
62569b46e8af692f1d95d707ffdca24075ff6c68e68e13159ab7798b30a7755b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F928a31e7-ade8-4c58-8c67-53db1e3d019e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11712
x-amzn-requestid: d4547112-6faa-472e-ade1-bbbda9c3bea4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YrOSTFiXIAMFiLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632790db-151bae0c351a94a40c48bfbc;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 21:42:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: uRrPwbwQ6oBOYhMmxs6YquvIEBKaAC51d98J_5MWYkh-Q8Qg1LVdiw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 21:52:21 GMT
age: 43172
etag: "85119aaf7195d59efc55e36d026bd026060195aa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x283524.top/static-promotion/6f2b9b5.modern.js
178.253.49.6 200 OK 3.3 kB URL HTTP/2 lite-1x283524.top/static-promotion/6f2b9b5.modern.js
IP 178.253.49.6:0
File type ASCII text, with very long lines (6238), with no line terminators
Hash 5c2765768c33af24887b59a1bdfaeffd
e0d921cf8894815de65f299ebed41d11e6ac5d96
2a1881ac3a4edb8b6dd376775922196fcdf9155f87f5d582a94be8fcb2a6c727
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/6f2b9b5.modern.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 3348
last-modified: Fri, 16 Sep 2022 10:23:24 GMT
vary: Accept-Encoding
etag: "63244e9c-d14"
content-encoding: gzip
expires: Mon, 19 Sep 2022 10:51:53 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x283524.top/static-promotion/774491d.modern.js
178.253.49.6 200 OK 80 kB URL HTTP/2 lite-1x283524.top/static-promotion/774491d.modern.js
IP 178.253.49.6:0
File type ASCII text, with very long lines (65485)
Hash 0438a32237d36ebcd28ff313bced62c8
074125b57211820198e27957c89d7432196784c6
3ccf21d8c9679e734d01827b1b8b06a4ec13d45dd3fae93db5ef6485ea4f6bce
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/774491d.modern.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 79532
last-modified: Fri, 16 Sep 2022 10:23:24 GMT
vary: Accept-Encoding
etag: "63244e9c-136ac"
content-encoding: gzip
expires: Mon, 19 Sep 2022 10:51:53 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/static-promotion/cf07ac7.modern.js
178.253.49.6 200 OK 89 kB URL HTTP/2 lite-1x283524.top/static-promotion/cf07ac7.modern.js
IP 178.253.49.6:0
File type ASCII text, with very long lines (65485)
Hash e2b150aefaf915e18d5496443a79b4d0
1daf9abb761c7fe2d9b29b763616180b54884ea9
270bfb64796714ab714b9d43f440654e7a8cf46950e56d82f2f73d43875d642f
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/cf07ac7.modern.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 88723
last-modified: Fri, 16 Sep 2022 10:23:24 GMT
vary: Accept-Encoding
etag: "63244e9c-15a93"
content-encoding: gzip
expires: Mon, 19 Sep 2022 10:51:53 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/static-promotion/c874701.modern.js
178.253.49.6 200 OK 130 kB URL HTTP/2 lite-1x283524.top/static-promotion/c874701.modern.js
IP 178.253.49.6:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 130 kB (129819 bytes)
Hash eb9f24fae1271863b805a1502304fe68
a2d85a1bde27e2e4170142f4bb795df5b13b00f9
8c37b604b511bffc786973c35cf1250a2d09eee889167fd1542bd0c3880fd214
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/c874701.modern.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 129819
last-modified: Fri, 16 Sep 2022 10:23:24 GMT
vary: Accept-Encoding
etag: "63244e9c-1fb1b"
content-encoding: gzip
expires: Mon, 19 Sep 2022 10:51:53 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash eaa8b4aa123f9dd7237c5c51d2f848d9
1082f5f6ef7229ec76f94f3d236f273b26294563
d1ad33dae2fcab5c7d66875f0e7a01cc30e0b3a031606917fa5448c54f84e20d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=405002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d16ce97e380b3d-OSL
v3.cdnsfree.com/status.json
8.247.218.250 200 OK 21 B URL HTTP/2 v3.cdnsfree.com/status.json
IP 8.247.218.250:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c4bb18933a5fd13d100077a00adf5161
957c1ddeabbf35fcdcaf731cf9611f4703864212
a7e828c3613677202207c42052a2135aefd9af7130f8ac20bb3307277a255db0
GET /status.json HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/json
content-length: 21
server: nginx
access-control-allow-origin: *
age: 2748941
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:51:53 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=405002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d16ce97c720b51-OSL
v3.cdnsfree.com/_nuxt/desktop/default/2e6d6485.modern.js
8.247.218.250 200 OK 466 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/2e6d6485.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 466 kB (466333 bytes)
Hash a7e20f144d2812495f9ee6b578f8982e
b40386b7023a0b765fa13ee81d49df4d5ce083be
b1a1981766ddfb905f011378c2f0d264693e2099cea0d885e2ce6bd256a23d54
GET /_nuxt/desktop/default/2e6d6485.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 466333
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-71d9d"
expires: Tue, 20 Sep 2022 09:34:36 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1038
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.247.218.250 200 OK 705 B URL HTTP/2 v3.cdnsfree.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.247.218.250:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash bb246c88651f63256e658dccd79ba91f
560cf8f76dad56a5c10a0f66cc4a200df301265d
30e59f903e6fab358b7bfb110a8bf83aefaf5376f2c60293a20f58c9f9fc45e8
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: image/svg+xml
content-length: 705
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Mon, 19 Sep 2022 09:48:44 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 312
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/9b464ab8.modern.js
8.247.218.250 200 OK 6.5 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/9b464ab8.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (16678), with no line terminators
Hash 7ad39eb9337398eb9b7e7f9b8a4c7d38
fd55bbc072825dbaab27e58dc3fd0a2e0deffbb5
66076b9a9ca66186bd92e6e8496e02cdbf7c9ccfa684614bd13c47f1603004c4
GET /_nuxt/desktop/default/9b464ab8.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 6454
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-1936"
expires: Tue, 20 Sep 2022 09:34:36 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1037
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/c965b857.css
8.247.218.250 200 OK 218 B URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/c965b857.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (408), with no line terminators
Hash 5c8ea0ec95ea368e64db430b2b38a276
da9b4f1bbc709bc18b6ed2c655a7b851a7fd5bdd
5c1017366a2a450ffd197f2e55139305a9b7caaac457bfd35f8383faa2b00fd0
GET /_nuxt/desktop/default/css/c965b857.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: text/css
content-length: 218
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-da"
expires: Mon, 19 Sep 2022 10:36:40 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 83713
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/07afb10c.modern.js
8.247.218.250 200 OK 1.8 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/07afb10c.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (4707), with no line terminators
Hash 7ad43d9ec40c2456502ae97d5349a4a9
f8701b748398a1daf45e0971e937719386fd278c
7b06529f38a21859ce3154ab5df7e0bf634cef3b592237ffa421188ba1021936
GET /_nuxt/desktop/default/07afb10c.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 1815
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-717"
expires: Mon, 19 Sep 2022 10:11:54 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 85997
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/f4e98fb4.css
8.247.218.250 200 OK 67 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/f4e98fb4.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash b8aa25bdb278506c56e0b64605968077
4e52b8f725ce35f7bc5da2d1b46e50ae8a35acad
430a68e599a8d37ecac6c79ac8068fb7076bb4efacc378f6547297f18f98d678
GET /_nuxt/desktop/default/css/f4e98fb4.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: text/css
content-length: 66944
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-10580"
expires: Mon, 19 Sep 2022 12:46:29 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 75924
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:51:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=405002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d16ce97ef2b515-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:51:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=405002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d16ce97ffd0b06-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash b79dab0abb80d80f01eac05d0c552098
33058e7201e43a6ef65eb475a4461e047010d197
abf5ccfe1415e80e4dc5a59be7d08600da242ffcc37dfe3b89a3bd4c0e5d727e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 19 Sep 2022 09:51:54 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 17 Sep 2022 02:31:57 GMT
Expires: Sat, 24 Sep 2022 02:31:56 GMT
Etag: "33058e7201e43a6ef65eb475a4461e047010d197"
Cache-Control: max-age=405002,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74d16ce97c58b511-OSL
v3.cdnsfree.com/_nuxt/desktop/default/b4d8550c.modern.js
8.247.218.250 200 OK 100 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/b4d8550c.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (65479)
Size 100 kB (100119 bytes)
Hash 067e1b15ca2f90d6fb8cf22fe43a484b
2f36d89fc40b4fb4c4d36af73e54d8cecc97b625
f8ab9e917ac76442e274ce66b067095292b8ab89123dfafddc8616f0c393a9b3
GET /_nuxt/desktop/default/b4d8550c.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 100119
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-18717"
expires: Tue, 20 Sep 2022 09:34:36 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1039
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/css/06b6b28a.css
8.247.218.250 200 OK 27 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/css/06b6b28a.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 562a5361d28f6972340c04bc616e5a13
362601e7ad45873b395d6d69cee8781a18e8bc00
0c9072a112c3154b8cba45110231742b66beaee791313d6de92a0dfaf7f6f3e7
GET /_nuxt/desktop/default/css/06b6b28a.css HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: text/css
content-length: 27151
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-6a0f"
expires: Mon, 19 Sep 2022 18:15:22 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 56192
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/1bb0c6e5.modern.js
8.247.218.250 200 OK 325 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/1bb0c6e5.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (65399)
Size 325 kB (324640 bytes)
Hash 759ea1b5a7f9d2f05ac95ef53ee17fa4
12d398bf72ddae18343c847bd433699b66e18c3d
8e13067d0a30d107836e2c86f9fff39137235b6a4d7922324697f241d1bb56d7
GET /_nuxt/desktop/default/1bb0c6e5.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 324640
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-4f420"
expires: Tue, 20 Sep 2022 09:34:36 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1039
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 397066
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 17 Sep 2022 02:02:22 GMT
expires: Sun, 17 Sep 2023 02:02:22 GMT
cache-control: public, max-age=31536000
age: 200972
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.49.6 200 OK 352 B URL HTTP/2 lite-1x283524.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.49.6:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 09:51:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash a9323cf0781cad0d5ac23f0c81c105b1
772d0218be53da9f875bb96a287c904976c296da
5c808b03cd8dd26275f12a850d8a36b467246c1461ea65a4c717acb04f2ca722
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x283524.top/web-api/external-api/config/all
178.253.49.6 200 OK 12 kB URL HTTP/2 lite-1x283524.top/web-api/external-api/config/all
IP 178.253.49.6:0
Hash 856ce753974b21fa9601b8788e653196
5675fabfc6dc387b42d100e957e249feda6fdf33
b0cfdbfc526a88f22dfde44d4360d1a5f939aad926a30c4839e0d912d8b2376d
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=66, dt_285;dur=67
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/web-app-v2/dictionary/prod/v3_landings/us/dictionary_faddc068466492cb72fb5652434b5055.js
178.253.49.6 200 OK 544 B URL HTTP/2 lite-1x283524.top/genfiles/web-app-v2/dictionary/prod/v3_landings/us/dictionary_faddc068466492cb72fb5652434b5055.js
IP 178.253.49.6:0
File type ASCII text, with very long lines (544), with no line terminators
Hash faddc068466492cb72fb5652434b5055
30fef939dc4312665880fc79f1545e91ccc4be61
1e28262198b32ebed27741cd2e2b1f3b29ba0db3a61d3d9b60dc5513907e224f
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary/prod/v3_landings/us/dictionary_faddc068466492cb72fb5652434b5055.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 544
last-modified: Tue, 15 Feb 2022 12:33:42 GMT
x-rgw-object-type: Normal
etag: "faddc068466492cb72fb5652434b5055"
cache-control: max-age=3600
expires: Mon, 19 Sep 2022 10:51:54 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/config/getLangs
178.253.49.6 200 OK 2.4 kB URL HTTP/2 lite-1x283524.top/web-api/external-api/config/getLangs
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with very long lines (6936), with no line terminators
Hash 403b560d40083200ccd52cf2a6dde7c6
f749e97f0e0b7f510ed3b557deccd0246bee5ce8
88bc916927f9bfdcd4b5a31bda66b3f5f1f26620fce0508599bb2de25fc1e3a5
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=32, dt_285;dur=35
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/_nuxt/desktop/default/css/c965b857.css
178.253.49.6 200 OK 218 B URL HTTP/2 lite-1x283524.top/_nuxt/desktop/default/css/c965b857.css
IP 178.253.49.6:0
File type ASCII text, with very long lines (408), with no line terminators
Hash 5c8ea0ec95ea368e64db430b2b38a276
da9b4f1bbc709bc18b6ed2c655a7b851a7fd5bdd
5c1017366a2a450ffd197f2e55139305a9b7caaac457bfd35f8383faa2b00fd0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/c965b857.css HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: text/css
content-length: 218
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
vary: Accept-Encoding
etag: "63247836-da"
content-encoding: gzip
expires: Mon, 19 Sep 2022 10:51:54 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663581095636
178.253.49.6 200 OK 145 B URL HTTP/2 lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663581095636
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1663581095636 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/img/common.ca61e6bc.svg
8.247.218.250 200 OK 42 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/img/common.ca61e6bc.svg
IP 8.247.218.250:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 41b1fc849f8c53c3369f71d6b593274e
5dfad2a78990dc2174380eb1178cbab9670651fe
6c8e1cdd67924e4198d7e3101357bcd99d804e3c173096b80652b98ed7ddf83b
GET /_nuxt/desktop/default/img/common.ca61e6bc.svg HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: image/svg+xml
content-length: 42495
cache-control: max-age=86400
content-encoding: gzip
etag: W/"63247836-18849"
expires: Mon, 19 Sep 2022 11:52:39 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 79159
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/f1f61e96.modern.js
8.247.218.250 200 OK 1.0 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/f1f61e96.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (2404), with no line terminators
Hash 891bf76d0dd86f20e254a549eb515c31
c1360efa63869fb436916c1b9502ad3313f9e1cb
843332cc230c93b6ebcfa5b1a5868495b8060f201162a103d7e3ed6e3833c5be
GET /_nuxt/desktop/default/f1f61e96.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/javascript; charset=utf-8
content-length: 1030
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-406"
expires: Tue, 20 Sep 2022 09:34:40 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1034
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/version.json?timestamp=1663581095679
178.253.49.6 200 OK 11 B URL HTTP/2 lite-1x283524.top/version.json?timestamp=1663581095679
IP 178.253.49.6:0
Hash 0d5e105661240d3eea2a0d91232b8e34
9b8208c92723c478e00a6a4f281aff28e26978cf
e147427915dad1e4d5339dd3f09c1fdcec97e93236ae7c92fb3ba9aaf847859c
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1663581095679 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json; charset=UTF-8
content-length: 11
etag: W/"b-m4IIyScjxHjgCmpPKBr/KOJpeM8"
server-timing: dt_285;dur=4
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.72 200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 90b80a6fa3d5bf79ede863a438928a57
5bef414ff36658b7eb12b4f49c6dfca6d4ca10f6
b71db2accf4e627582f16a0b91c62e879aba5602d9d717a63ff149d8262bede1
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 19 Sep 2022 09:51:54 GMT
expires: Mon, 19 Sep 2022 09:51:54 GMT
cache-control: private, max-age=900
last-modified: Mon, 19 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42345
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/landings/landing_first_deposit_football8_p45_tn213
178.253.49.6 404 Not Found 47 B URL HTTP/2 lite-1x283524.top/web-api/external-api/landings/landing_first_deposit_football8_p45_tn213
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e7ad4038e108682dfb4bacad8c47a6ac
08ea114abab8a1d2a5bcdb4f431f3b1d4ba3957a
5913035ba53116604f00ddd8b8b41aae6f147f90657e4a4ed0617977c512c8b8
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/landings/landing_first_deposit_football8_p45_tn213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json
content-length: 47
cache-control: no-cache, private
server-timing: dt_285;dur=113
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 45f95aa258ab932ac2f8a33ff7944ffe
8f52b66e897dab7cb160d481886805ea216f407f
de4fd2aaa566b601e82c38806ec8ea84110b1d63f15efe48186f5bcf70847488
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5 200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 19 Sep 2022 09:51:55 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Mon, 03 Oct 2022 09:51:55 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
178.253.49.6 304 Not Modified 0 B URL HTTP/2 lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
IP 178.253.49.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1920
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
If-None-Match: "130d-IHZE3PdEZ922tgX5N/hrC2zr3z0"
TE: trailers
HTTP/2 304 Not Modified
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
etag: "130d-IHZE3PdEZ922tgX5N/hrC2zr3z0"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 397067
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:19:49 GMT
expires: Fri, 15 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 358326
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/domain-api/api/v1/domains/lite-1x283524.top
178.253.49.6 200 OK 84 B URL HTTP/2 lite-1x283524.top/domain-api/api/v1/domains/lite-1x283524.top
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ae7ae3657f4d1822dea8b11fa6a19fe7
a387d096d56f71d0550a5274062dd4e8968e3ed3
ba18e7be1644e594bc323298d0921d457f707950a4e3ba63a473195f60367361
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x283524.top HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/vnd.api+json
content-length: 84
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/d06d7d55.modern.js
8.247.218.250 200 OK 1.1 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/d06d7d55.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (2450), with no line terminators
Hash 9e1e991dfdb09cb3569b842c744854c5
a82afe8c03e416941c352c78d074d89b66b9127c
f6fac5da71037d64f046972e4b3dfd6b8e1472f19f1a8296a122ef580c3364bd
GET /_nuxt/desktop/default/d06d7d55.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 1061
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-425"
expires: Tue, 20 Sep 2022 09:34:52 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1027
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/internal/v1/sessions/user
178.253.49.6 200 OK 16 B URL HTTP/2 lite-1x283524.top/web-api/api/internal/v1/sessions/user
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/sessions/user HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
server-timing: p;dur=24, dt_285;dur=26
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/checker/redirect/stat/run/
178.253.49.6 200 OK 49 B URL HTTP/2 lite-1x283524.top/checker/redirect/stat/run/
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/d8fe55e1.modern.js
8.247.218.250 200 OK 5.4 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/d8fe55e1.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (13514), with no line terminators
Hash d09287b045ee86c9ec07f7ccee1be538
286ddfedb1de4ecb009a14954dc51e84cdc17d4c
1a5afbf0b42e76ebb4c769d3c1499e138c32899efa237538d0e1da5ed6db0257
GET /_nuxt/desktop/default/d8fe55e1.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 5401
cache-control: max-age=86400
content-encoding: gzip
etag: "63247836-1519"
expires: Tue, 20 Sep 2022 09:35:03 GMT
last-modified: Fri, 16 Sep 2022 13:20:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1012
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/_nuxt/desktop/default/93e2760c.modern.js
8.247.218.250 200 OK 26 kB URL HTTP/2 v3.cdnsfree.com/_nuxt/desktop/default/93e2760c.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 8ee1250e346dbd713e5d0cef55bd0e18
7544dc6006d1e093049072ddc405bcad3faac75f
16c8ace732bbd39ae411b751db07d8a86d838f4604b9d8a28f478cc451aa715e
GET /_nuxt/desktop/default/93e2760c.modern.js HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 26110
cache-control: max-age=86400
content-encoding: gzip
etag: "63247837-65fe"
expires: Tue, 20 Sep 2022 09:35:05 GMT
last-modified: Fri, 16 Sep 2022 13:20:55 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1012
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
8.247.218.250 200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP 8.247.218.250:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a
GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Mon, 19 Sep 2022 09:53:45 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 10
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
8.247.218.250 200 OK 19 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png
IP 8.247.218.250:0
File type PNG image data, 180 x 320, 8-bit/color RGBA, non-interlaced\012- data
Hash eebc2093ed37610949fddb757fb411c2
f7964e29e324fe613114a2d8a574819735d4e8a4
2573852f7e996aaf5d4ae5280f600e384f8b5d75e8c4de9e06100af2d9f55e5c
GET /genfiles/cms/1-285/desktop/footer/logos/logo-serie-new.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 18675
cache-control: public, max-age=120, s-maxage=600
etag: "eebc2093ed37610949fddb757fb411c2"
expires: Mon, 19 Sep 2022 09:50:02 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 245
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
8.247.218.250 200 OK 7.4 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP 8.247.218.250:0
File type PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Hash 8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd
GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Mon, 19 Sep 2022 09:44:49 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 546
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
8.247.218.250 200 OK 169 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP 8.247.218.250:0
File type PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size 169 kB (169025 bytes)
Hash ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e
GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Mon, 19 Sep 2022 09:44:43 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 553
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
8.247.218.250 200 OK 149 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP 8.247.218.250:0
File type PNG image data, 2187 x 3222, 8-bit/color RGBA, non-interlaced\012- data
Size 149 kB (149244 bytes)
Hash ab837a9cb89291146ad8b371c052fe8d
bf89d8ec4fa8ac43004ceb74bd49199aa3436ca2
14a017c6bf332ef819755c66546f9847b291c056239bc0289d92063fcd17648b
GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Mon, 19 Sep 2022 09:48:23 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 404
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
8.247.218.250 200 OK 15 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png
IP 8.247.218.250:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 805de1a5bec7c7e47c459ed79e5a7778
409804a9ad7ebd262a6125eb04cbd678ac7a9824
3dd56bfcb4bd898db532541ee1bbbcbaffc8276b155f518b5d10be553296633d
GET /genfiles/cms/1-285/desktop/footer/logos/caf-champions-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 15100
cache-control: public, max-age=120, s-maxage=600
etag: "805de1a5bec7c7e47c459ed79e5a7778"
expires: Mon, 19 Sep 2022 09:47:25 GMT
last-modified: Fri, 07 May 2021 11:29:04 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 390
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
8.247.218.250 200 OK 9.9 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP 8.247.218.250:0
File type PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Hash c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967
GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Mon, 19 Sep 2022 09:49:58 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 266
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/converslon/load
178.253.49.6 200 OK 35 kB URL HTTP/2 lite-1x283524.top/web-api/api/converslon/load
IP 178.253.49.6:0
Hash 1b2ba35f3b396ed556e3027620fb224c
21957ff1df6ccbb6bc0f1cd4e50f69a951716768
f1fefd193354d965436059b66f3b9e7d322a70545ee149f04f96a08ef16564d7
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:54 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=38, dt_285;dur=42
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/web-app-v2/dictionary/prod/v3_main/us/dictionary_66641705f9afcb3558d0b50e4aa4e4c7.js
178.253.49.6 200 OK 185 kB URL HTTP/2 lite-1x283524.top/genfiles/web-app-v2/dictionary/prod/v3_main/us/dictionary_66641705f9afcb3558d0b50e4aa4e4c7.js
IP 178.253.49.6:0
File type Unicode text, UTF-8 text, with very long lines (49594), with no line terminators
Size 185 kB (184806 bytes)
Hash 68343782b54b4cdba4630177166a73be
9aa1d28856631bd9299ec7084c23b5a12210b02b
58dce3504db2c8af7742af7cc386b1f968ff39f9bb2d885a21c6dec483593a3b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary/prod/v3_main/us/dictionary_66641705f9afcb3558d0b50e4aa4e4c7.js HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Tue, 13 Sep 2022 13:48:06 GMT
x-rgw-object-type: Normal
etag: W/"66641705f9afcb3558d0b50e4aa4e4c7"
cache-control: max-age=3600
content-encoding: br
expires: Mon, 19 Sep 2022 10:51:55 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
8.247.218.250 200 OK 8.1 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP 8.247.218.250:0
File type PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Hash d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8
GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Mon, 19 Sep 2022 09:52:56 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 95
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
8.247.218.250 200 OK 119 kB URL HTTP/2 v3.cdnsfree.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP 8.247.218.250:0
File type PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119254 bytes)
Hash 0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b
GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.cdnsfree.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Mon, 19 Sep 2022 09:53:55 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 519
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Mon, 19 Sep 2022 08:41:12 GMT
expires: Mon, 19 Sep 2022 10:41:12 GMT
cache-control: public, max-age=7200
age: 4243
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663581096552
178.253.49.6 200 OK 145 B URL HTTP/2 lite-1x283524.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1663581096552
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 81d90db48c09d6f764c4929c90eadfc1
6fe1a593e77cca8d9adff9fe5b5f40e19ccf7bd8
fa0a9c9d33937e1539ce6b9e44abf7ecd69f5032c6ba8b85308c6a388f8dc28c
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1663581096552 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 21 Apr 2022 06:40:33 GMT
x-rgw-object-type: Normal
etag: "81d90db48c09d6f764c4929c90eadfc1"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/api/internal/v1/proof_of_age
178.253.49.6 204 No Content 0 B URL HTTP/2 lite-1x283524.top/web-api/api/internal/v1/proof_of_age
IP 178.253.49.6:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
cache-control: no-cache, private
server-timing: p;dur=36, dt_285;dur=39
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/config/all
178.253.49.6 200 OK 12 kB URL HTTP/2 lite-1x283524.top/web-api/external-api/config/all
IP 178.253.49.6:0
Hash 856ce753974b21fa9601b8788e653196
5675fabfc6dc387b42d100e957e249feda6fdf33
b0cfdbfc526a88f22dfde44d4360d1a5f939aad926a30c4839e0d912d8b2376d
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:55 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=73, dt_285;dur=74
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6f0747f732f05e110f9fe9938de620d3
d4e9a55014187d0d2af174e5c27d03cc10c6cb05
32a866308c9d930c425a8ced1974039a409528cb4a0bd07bfbe4d8cd39be9742
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=82751404.1663581097&jid=1965250353&gjid=1053359555&_gid=700328228.1663581097&_u=aGBAAUACQAAAAC~&z=799183129
142.251.1.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=82751404.1663581097&jid=1965250353&gjid=1053359555&_gid=700328228.1663581097&_u=aGBAAUACQAAAAC~&z=799183129
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-178408567-1&cid=82751404.1663581097&jid=1965250353&gjid=1053359555&_gid=700328228.1663581097&_u=aGBAAUACQAAAAC~&z=799183129 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x283524.top
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lite-1x283524.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 19 Sep 2022 09:51:56 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/config/getLangs
178.253.49.6 200 OK 2.0 kB URL HTTP/2 lite-1x283524.top/web-api/external-api/config/getLangs
IP 178.253.49.6:0
Hash e88547abe393d23b977e7c9025075296
45b74c8796b5cf8f337822620e93da5fb46de96b
dd9bac0af2ab9fec83d92fe1dec5480971f77d3dbef0efe855509aad306b769e
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=39, dt_285;dur=50
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/g/599a073df53542f435609edd366655a6423a4cc1
178.253.49.6 200 OK 2 B URL HTTP/2 lite-1x283524.top/web-api/g/599a073df53542f435609edd366655a6423a4cc1
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/599a073df53542f435609edd366655a6423a4cc1 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x283524.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: p;dur=29, dt_285;dur=31
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/landings/landing_first_deposit_football8_p45_tn213
178.253.49.6 404 Not Found 47 B URL HTTP/2 lite-1x283524.top/web-api/external-api/landings/landing_first_deposit_football8_p45_tn213
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e7ad4038e108682dfb4bacad8c47a6ac
08ea114abab8a1d2a5bcdb4f431f3b1d4ba3957a
5913035ba53116604f00ddd8b8b41aae6f147f90657e4a4ed0617977c512c8b8
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/landings/landing_first_deposit_football8_p45_tn213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=0; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: application/json
content-length: 47
cache-control: no-cache, private
server-timing: dt_285;dur=501
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png
178.253.49.6 200 OK 212 kB URL HTTP/2 lite-1x283524.top/genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png
IP 178.253.49.6:0
File type PNG image data, 7336 x 587, 8-bit colormap, non-interlaced\012- data
Size 212 kB (212062 bytes)
Hash 8270a8ed37510c1d081ca47895bed81f
a88857250443b9b93e41a1fbdc46017737db5a72
70d2d3a884d1588eb40e4066fa2c4362194b48c4b805ec75fb963bcdeabf24da
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop/errorsPage/sprite-football-men.png HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/404
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: image/png
content-length: 212062
last-modified: Thu, 18 Mar 2021 14:54:24 GMT
x-rgw-object-type: Normal
etag: "8270a8ed37510c1d081ca47895bed81f"
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 09:51:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/1-285/desktop//errorsPage/gates.png
178.253.49.6 200 OK 79 kB URL HTTP/2 lite-1x283524.top/genfiles/cms/1-285/desktop//errorsPage/gates.png
IP 178.253.49.6:0
File type PNG image data, 739 x 687, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ecd34213f0d5c445cb14d6f8d2dd7ed
aadbec956b67f7247b08c7fbfdb3e9625bd6bc00
98c1b640475c09dbed13ae6ea5772634ce5d889d3f0ec97701f21bcd7e772541
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop//errorsPage/gates.png HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: image/png
content-length: 78710
last-modified: Sat, 07 Nov 2020 11:58:55 GMT
x-rgw-object-type: Normal
etag: "0ecd34213f0d5c445cb14d6f8d2dd7ed"
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 09:51:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
178.253.49.6 200 OK 2.0 kB URL HTTP/2 lite-1x283524.top/genfiles/cms/1-285/desktop/errorsPage/ball.webp
IP 178.253.49.6:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash b2e135d916673e6f1be84800198490d4
60db6095350e4b9e618aab6666650eb13a941745
3b2e95cba675bc9bdeae9308d00f629d586a6ae7e55aa60a971027cbf9ed7682
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/1-285/desktop/errorsPage/ball.webp HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/404
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: application/octet-stream
content-length: 2010
last-modified: Tue, 26 Jan 2021 08:32:04 GMT
x-rgw-object-type: Normal
etag: "b2e135d916673e6f1be84800198490d4"
access-control-allow-origin: *
cache-control: max-age=86400
expires: Tue, 20 Sep 2022 09:51:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x283524.top/web-api/external-api/promotions/isRedirectToMainAllowed
178.253.49.6 200 OK 18 B URL HTTP/2 lite-1x283524.top/web-api/external-api/promotions/isRedirectToMainAllowed
IP 178.253.49.6:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55095ba64974867afec875e9b3502034
a61f719ceafe41631e57a0f98b84800df6ca84b7
a78bd32faee734538feba7119e45a47d0cf5eccca5e84c8d20360de910abace4
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/promotions/isRedirectToMainAllowed HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x283524.top/404
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us; tzo=0; window_width=1280; che_g=5c9dcd4f-3685-083b-c4d8-40d19aa0bf97; _ga=GA1.2.82751404.1663581097; _gid=GA1.2.700328228.1663581097; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:56 GMT
content-type: application/json
content-length: 18
cache-control: no-cache, private
server-timing: p;dur=27, dt_285;dur=31
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 1faa1e89e3b2511012cd1a6fdd6bd77c
df85cdd43b0989e082c23ba3bf189b1312925a7b
2758cbe344b3ced48aa9e76c26a735678418967100c06fe7e6ba993d440241dc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 688
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 19 Sep 2022 09:51:57 GMT
Last-Modified: Mon, 19 Sep 2022 09:40:29 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 279
suphelper.com/widget/injector.js
104.16.42.72 200 OK 45 kB URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.42.72:0
File type Unicode text, UTF-8 text, with very long lines (38365)
Hash a8d2163e072dcd87a9e05b0177ccf039
eccec54235a9260279841c9b4e60bdc2f8c6931f
de365ae63bb13fa81e66f5aa60a1f02a2b65bf906d3c1f635a48969ca099d613
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 19 Sep 2022 09:51:57 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-c23ebb3e-55ba-4a53-bad2-fcf25491af5e' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 09 Sep 2022 16:12:09 GMT
etag: W/"28d83-1832305d7a8"
vary: Accept-Encoding
cf-cache-status: HIT
age: 70
server: cloudflare
cf-ray: 74d16cfe0f1616a1-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg
34.120.237.76 200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e3a1bdabe9e06373a1aa3977c3040f37
a422bffed31da9795094e54d332e5e369b59ae0b
782aa735026b1a1b506faa41a25f811c1ae94a863a3d5629b843fb6c82e75606
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a7ad2cc-ef0a-4973-a3a0-8f53198682d9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6121
x-amzn-requestid: 4571ee4c-d8dd-4f9e-9ebd-c9281fe9c6c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YiFx5EjzIAMFlwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6323e9a5-7667eea63e0eeac92622ddab;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 03:12:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _RmGZfEdOtVmgTamVF_yP5mbI3Hy_TrPF4iM-JupYNHjDAR23lcTNg==
via: 1.1 b4085435efbe95a420f374958bd145be.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 19 Sep 2022 05:23:27 GMT
age: 16113
etag: "a422bffed31da9795094e54d332e5e369b59ae0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
178.253.49.6 200 OK 0 B URL HTTP/2 lite-1x283524.top/promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/landing-page/landing_first_deposit_football8_p45_tn213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "130d-IHZE3PdEZ922tgX5N/hrC2zr3z0"
server-timing: dt_285;dur=2
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
178.253.49.6 200 OK 0 B URL HTTP/2 lite-1x283524.top/us/landing-page/landing_first_deposit_football8_p45_tn213
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /us/landing-page/landing_first_deposit_football8_p45_tn213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0xBmMoO7hEvVs4A38ZAg==; SESSION=48dc061c1ac2847ec2937ab29fadc34d; lng=us
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 19 Sep 2022 09:51:53 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=379;desc="Nuxt Server Time", dt_285;dur=435
set-cookie: lng=us; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x283524.top/lpage/landing_first_deposit_football8_p45_TN213
178.253.49.6 302 Found 0 B URL HTTP/2 lite-1x283524.top/lpage/landing_first_deposit_football8_p45_TN213
IP 178.253.49.6:0
Analyzer Verdict Alert quad9 Sinkholed
GET /lpage/landing_first_deposit_football8_p45_TN213 HTTP/1.1
Host: lite-1x283524.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Mon, 19 Sep 2022 09:51:52 GMT
location: /US/lpage/landing_first_deposit_football8_p45_TN213
server-timing: total;dur=0;desc="Nuxt Server Time", dt_285;dur=1
x-frame-options: SAMEORIGIN
x-reason: empty_lang
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 22 Sep 2022 09:51:52 GMT
set-cookie: auid=sv0xBmMoO7hEvVs4A38ZAg==; expires=Tue, 19-Sep-23 09:51:52 GMT; path=/
X-Firefox-Spdy: h2