1xlite-071412.top/registration/
178.253.15.11 301 Moved Permanently 162 B URL HTTP/1.1 1xlite-071412.top/registration/
IP 178.253.15.11:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 20:05:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1xlite-071412.top/registration/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9814
Expires: Tue, 31 Jan 2023 22:48:41 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4051
Expires: Tue, 31 Jan 2023 21:12:38 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 19:35:54 GMT
content-type: application/json
age: 1753
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7345
Expires: Tue, 31 Jan 2023 22:07:32 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Wq+gh/H6+fKwrj6dd1uAOKjRRdseEsbQNnHVbnygdzJvSrUqkBnpUt59Ztxn2cW0cu5faeb9d+M=
x-amz-request-id: BNGA09M59FDJNMJA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 19:51:17 GMT
age: 830
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d7ef4e252c12c98400efbd34693254d2
a310c72b873b85d556564b0217a73afca628c8b2
926cfc2ce8ca58003a02804c6f62417f7c45f0625dba30a30e50cf2cec6c364d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "926CFC2CE8CA58003A02804C6F62417F7C45F0625DBA30A30E50CF2CEC6C364D"
Last-Modified: Sun, 29 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9301
Expires: Tue, 31 Jan 2023 22:40:08 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 19:41:42 GMT
age: 1406
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2376
Expires: Tue, 31 Jan 2023 20:44:44 GMT
Date: Tue, 31 Jan 2023 20:05:08 GMT
Connection: keep-alive
push.services.mozilla.com/
35.162.52.254 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.162.52.254:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nRzb+EnI8Q6T+bfZt4G/AQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4l5Wc6PILineYWZK07SX/nfD6sU=
1xlite-071412.top/genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css
178.253.15.11 200 OK 6.4 kB URL HTTP/2 1xlite-071412.top/genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css
IP 178.253.15.11:0
File type ASCII text, with very long lines (34634), with no line terminators
Hash 1adb2bb492541c5000bd08ee55272e92
da53e8720c8be6aa0a9ec8376387eca2f05f744d
5d19f140829781736e2e4562c32be196d6c8a5c316ccf17f98c6f6c1ba6f7a74
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Jan 2023 12:46:35 GMT
x-rgw-object-type: Normal
etag: W/"a096fa1f997b41d35a16344cf6f30e8e"
content-encoding: br
expires: Tue, 31 Jan 2023 21:05:08 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1d640b59-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1c97b4fd-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1cbcb4fa-OSL
v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css
8.247.219.250 200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash c025ff5d463833d2cdf1dc65d50f3224
a397c4f5debab58c1e86b343d88610cf9a87d2e6
a5d4fcfccdd231d15579f5fcd6502f01a11a75a4b6986387f9b8a914657fecbb
GET /_nuxt/desktop/default/css/a895c423.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 13325
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-340d"
expires: Wed, 01 Feb 2023 08:43:55 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40874
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js
8.247.219.250 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (3016), with no line terminators
Hash 482e66606fe63024359689cf733203c5
46f17ec69443f18bad4e6048d0874be2551f5788
aa9a91745c7dfff8e672f78a7065cc39d392d7bcea220145cbf0c6463e78f371
GET /_nuxt/desktop/default/Page.Registration-673051a6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 1155
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-483"
expires: Wed, 01 Feb 2023 16:17:05 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13684
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css
8.247.219.250 200 OK 632 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 173cf01f59877386b179e20fec6daf7d
38e4b5cfd5d7a6615289383a50dee01af5b45ded
d962b5be50781582ec85722889f9dd66b2c5be28a2940d49c89180638354ca4b
GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 632
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-278"
expires: Wed, 01 Feb 2023 15:40:09 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 15931
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js
8.247.219.250 200 OK 2.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (8713), with no line terminators
Hash 8a3d5760e7f4072beff4b4c5ac9774ac
82ce34a8c3388303cccb52037ab77b18e9f0f920
52bb424d95e259f74e882bf995cb2d176312c1b3565dd7bbdb069316dfd2c799
GET /_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2525
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-9dd"
expires: Wed, 01 Feb 2023 16:15:51 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13764
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.247.219.250 200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.247.219.250:0
File type SVG Scalable Vector Graphics image; HTML document text; HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 01 Feb 2023 03:09:24 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 60946
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css
8.247.219.250 200 OK 2.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (15795), with no line terminators
Hash 5fb941d29b718359b71687ec6cf4314d
36be41877b2731605f6fb9652089bbc8c9c73449
e675a93c542158af424a306d63665fb7f277c8371baed751c230002b781ee6b8
GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 2190
cache-control: max-age=86400
content-encoding: gzip
etag: "63d518b0-88e"
expires: Tue, 31 Jan 2023 08:43:54 GMT
last-modified: Sat, 28 Jan 2023 12:44:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40885
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js
8.247.219.250 200 OK 74 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0489a627d0a83ad39bbb37917832cbca
0c67daec26e0c8663e44c7291942e5a3d9a6ec12
7ae2f28caf358da1a5ed79bcb4281a7b5a56a6742ca9ba02b4e7f5a36f046ea7
GET /_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 73993
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-12109"
expires: Wed, 01 Feb 2023 16:16:14 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13743
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js
8.247.219.250 200 OK 13 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (40212), with no line terminators
Hash 16d00239b2028da76291e3e8f888b52e
baf2c6405bdcd634effb87e02ac3295c508f22fd
d32ce4657a735a7e99dd73c59fdcfe6d6c713677e2a9b93308a804acfcb5789e
GET /_nuxt/desktop/default/runtime-a80dc1c6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 12832
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-3220"
expires: Wed, 01 Feb 2023 13:07:36 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25054
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css
8.247.219.250 200 OK 40 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8940a7faf6707649e59c0d0baa0bfc06
e6a2890b241a5f4b0aed6ee5f884770aeaedd552
743ef9c3033e2dc8d1a23f21989627bf8fedf70cc8fd54ba537dc8a45b2b907c
GET /_nuxt/desktop/default/css/bf967876.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 39797
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-9b75"
expires: Wed, 01 Feb 2023 13:41:08 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23042
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js
8.247.219.250 200 OK 187 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size 187 kB (187064 bytes)
Hash 902e0cfb315ab5de9c80d764b8d63091
1b70c5cb608a88711c51bfcfdfe0673a0ffcbef4
2c518fb9f27b54efcb1cca5f9019a3ddc93d5fd6dc265fcbd6d2a10922fbd84a
GET /_nuxt/desktop/default/app-7065404e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 187064
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-2dab8"
expires: Wed, 01 Feb 2023 13:07:42 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25054
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js
8.247.219.250 200 OK 218 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (65396)
Size 218 kB (218088 bytes)
Hash b7b6c2a24eaa5f9a43b197549ebf4d44
c61ca34e7668814c95bdd1d359f69bd6e9e37b9f
aeef95ee654123c515ff61cd195388fcac46c8e6fef022da7aacd2bc98e5bcb2
GET /_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 218088
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-353e8"
expires: Wed, 01 Feb 2023 13:07:43 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25055
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106 200 OK 1.9 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 7b00892483baf7654bb595f112156362
f38002e9c542eaf39a731f541c66b92775ecc47f
4f0f63220b2ae421efc22cd6e9f5afa5235bfca1a7008625bc421e28d5b3a355
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 20:05:09 GMT
date: Tue, 31 Jan 2023 20:05:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1ea7b4ee-OSL
v3.traincdn.com/version.json
8.247.219.250 200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.247.219.250:0
Hash ab3a83e93384ead7369a37ac2c9a3500
7865d8fbb86850bb45491a4c1c13ac1d7a1ac48b
1907f0a9352812064d5fe93a3df8015d0800f84ab0d78c9dcf662ac364ccbe7e
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63d7a05e-2c"
expires: Tue, 31 Jan 2023 20:05:50 GMT
last-modified: Mon, 30 Jan 2023 10:47:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 19
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/app-25b0d209.modern.js
8.247.219.250 200 OK 86 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-25b0d209.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (65476)
Hash d111957f54d047770e9eb82e5411c32e
6064ecd11dc7d236d7e8aeb45e71e7d78fb559f1
ea6084b3a9c6b1f3295c745776ff733cd6c8cf1a0e47cc048cfe1764872b7577
GET /_nuxt/desktop/default/commons/app-25b0d209.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 86150
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-15086"
expires: Wed, 01 Feb 2023 16:15:47 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13763
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 24963
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 562390
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-071412.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.15.11 200 OK 352 B URL HTTP/2 1xlite-071412.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.15.11:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
expires: Fri, 27 Jan 2023 23:45:49 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js
178.253.15.11 200 OK 4.6 kB URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js
IP 178.253.15.11:0
File type ASCII text, with very long lines (12527), with no line terminators
Hash 44fcb95abdc227a75191b77b3abef54a
4af66b7ddd84b2a4fb6fe0d4d448f53b720fa3d1
0b3f039b3df031a44910811729dccaa407c2765affe3b3915a52de284beafaeb
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 4563
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-11d3"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js
178.253.15.11 200 OK 22 kB URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js
IP 178.253.15.11:0
File type ASCII text, with very long lines (65476)
Hash d1f437b3e24fc5c3b5c0d4b7375b3071
f97e182159e0eeea9d60c50b902aa7a99cbe3ce1
da76c84d91778caa278bd99c115925798f620c993ea0f2d9ebfbe6817c414589
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 21853
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-555d"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/css/447d11ab.css
178.253.15.11 200 OK 2.2 kB URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/css/447d11ab.css
IP 178.253.15.11:0
File type ASCII text, with very long lines (15795), with no line terminators
Hash 848643f84c7a9e77f72b9929767007b1
4f3949efc6fce8c57e4aaa8aed9193d8cc883e24
0c10e5e0ad620404d09ce098c4c1562caab95326dc5560b0a2b2d94d4688c9ae
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 2190
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-88e"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/css/047e1132.css
178.253.15.11 200 OK 632 B URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/css/047e1132.css
IP 178.253.15.11:0
File type ASCII text, with very long lines (2717), with no line terminators
Hash 173cf01f59877386b179e20fec6daf7d
38e4b5cfd5d7a6615289383a50dee01af5b45ded
d962b5be50781582ec85722889f9dd66b2c5be28a2940d49c89180638354ca4b
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 632
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-278"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Wed, 01 Feb 2023 00:15:55 GMT
Date: Tue, 31 Jan 2023 20:05:09 GMT
Connection: keep-alive
1xlite-071412.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961
178.253.15.11 200 OK 145 B URL HTTP/2 1xlite-071412.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961
IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Wed, 01 Feb 2023 20:05:09 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Wed, 01 Feb 2023 00:15:55 GMT
Date: Tue, 31 Jan 2023 20:05:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 65314
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 80208
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 60033
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 66150
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 80212
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 58457
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1xlite-071412.top/pwa
178.253.15.11 200 OK 15 B IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-071412.top/en/registration
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/css/f9d99aa7.css
178.253.15.11 200 OK 943 B URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/css/f9d99aa7.css
IP 178.253.15.11:0
File type ASCII text, with very long lines (3303), with no line terminators
Hash c8814e2b14b9b8a9316b055f63e396e1
64c157e6647fa007ee52203b65217215cad25d5f
9a67b2e18901d9efc1e5a0a215542688c931f5bc2b8c90a1da733b6d9db9d2d6
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/f9d99aa7.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 943
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-3af"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js
178.253.15.11 200 OK 7.5 kB URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js
IP 178.253.15.11:0
File type HTML document, ASCII text, with very long lines (25593), with no line terminators
Hash 8c9f740da4bd6dd64248c2c5607157ef
f640e99beeb429f94257095aa04e6f26194ea1be
07bd8522b6f6ee163e2416e79f769d22a420874de7a049263fd3ce31bf507b98
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 7505
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-1d51"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js
178.253.15.11 200 OK 2.7 kB URL HTTP/2 1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js
IP 178.253.15.11:0
File type ASCII text, with very long lines (9012), with no line terminators
Hash d250827722be904e26a41986b7d1d502
96a77661e0136406823fdfb815d0f7b547e6f4d9
0b2296a1dfa4bc72b817c45bf9d3798edcb37953fe0c27745e362e96e594d878
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2652
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-a5c"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js
8.247.219.250 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (2509), with no line terminators
Hash 6dc923ae3607a521ef3c98dd910ce134
c77fa89629534d0f661ac1f5c5a5c3832aa816d9
79fc061cb0c22d0d7df208560dcc8f7bf42b2cf108380d20516549da2aeb5805
GET /_nuxt/desktop/default/DC-2014d636.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-43a"
expires: Wed, 01 Feb 2023 16:15:52 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13762
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg
178.253.15.11 200 OK 43 kB URL HTTP/2 1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg
IP 178.253.15.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash cec9f6d498a6618ece7c21a115b96881
532dfb6fddc2e5c2c3b45f3001391e4b586d685b
105556ab71faf8dae5eadab3cb6af42606be2a350fc740f48fd4f86b68a45ee8
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/common-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-1af48"
expires: Wed, 01 Feb 2023 20:02:47 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.40 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1759)
Hash 3720661a753d3bcf4e723293fdc499c9
3ef2597456d6246d7f8376b3829c179ab854fb99
ec5e96ba03992ab231e1e2306f1fc7ccbcffd37472e24245b4cdcbf7fbf68fb4
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:05:10 GMT
expires: Tue, 31 Jan 2023 20:05:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5 200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 20:05:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Tue, 14 Feb 2023 20:05:10 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js
8.247.219.250 200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (13485), with no line terminators
Hash e4c16860600185911eac1e0abfb7cfa5
b816e49cc33cba2a6709ce5517aa8c163d823164
73fbc80163ac57764a3dc53423ed12772e182ce60edebbad622f8e22be285999
GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 5399
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1517"
expires: Wed, 01 Feb 2023 16:16:57 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13695
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b8c5da74.css
8.247.219.250 200 OK 211 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b8c5da74.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (369), with no line terminators
Hash 8c6c6544f1276b88c8986f1fdae6f808
8c1d76b32d354704c0a500f311166b35d3b52665
8a7e55af53086a457ffedae13850ffff580d32a4804c88d62935064caab89318
GET /_nuxt/desktop/default/css/b8c5da74.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 211
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-d3"
expires: Wed, 01 Feb 2023 15:33:16 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 16318
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js
8.247.219.250 200 OK 6.5 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (20689)
Hash 53998bab36dd2a66e15bf80e13c1e478
185e0d189ab8fc67a9a54016f55b9e9c86e0d327
582b2a8ec2421d970d766b65871a2abad4f17b47abaebf19b2783d1b15212532
GET /_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6469
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1945"
expires: Wed, 01 Feb 2023 16:16:00 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13757
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
8.247.219.250 200 OK 464 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (1665), with no line terminators
Hash b8b503fd31564207d769e597bc17fdfd
d7dabc0def0e9eb58aeb6a42c34108678019e2bd
62f2fabb3cdaf1b672236f9921f1c33e6dab7dc386ab0ccb4a6ee19c2438af61
GET /_nuxt/desktop/default/css/6ddcb708.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 464
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1d0"
expires: Wed, 01 Feb 2023 14:14:39 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21040
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js
8.247.219.250 200 OK 8.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (24831), with no line terminators
Hash 97a96834598ace3a0f9cc8ff51c9f46d
befe01abb480eeed7b03fb087047fd311c95280d
966b792d03bb5258d7f3d2c8e254d6e3ac84ba18ffc4f262c51f087a967cadce
GET /_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 8051
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1f73"
expires: Wed, 01 Feb 2023 16:16:07 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13743
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js
8.247.219.250 200 OK 6.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (24849), with no line terminators
Hash 5611cfd030ced41aef5cf1a7c96c63c6
36f1f443022e617c107475517a9573ae5d5befbe
9d0cd8971f1349222f88a73737d7e1b06a0dfb9900a9345092fc26f2e70cff50
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6353
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-18d1"
expires: Wed, 01 Feb 2023 16:15:51 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13759
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/415e4ade.css
8.247.219.250 200 OK 4.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/415e4ade.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (31269), with no line terminators
Hash dfe9b3e6dd8bcb8f0ca9cd4aba6e2ee4
f38714d157275ec7a53cdcab388045316b9488fc
6e4ceec7bc5cd76a5e043b9a74195afa72f407ce31d1fae1f9046cc95fe50098
GET /_nuxt/desktop/default/css/415e4ade.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 4827
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-12db"
expires: Wed, 01 Feb 2023 14:31:24 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20031
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js
8.247.219.250 200 OK 44 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 644bb0a7aaad70ec4f32c65cd5c2359f
7fc65d5c8c7353e0e99723f8c257a72a1f12101c
433c0cb3f1bd26594a4800aa916633587164d1a520d0848c81b9a962a8142ab5
GET /_nuxt/desktop/default/registration.Main-8e7bd135.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 43568
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-aa30"
expires: Wed, 01 Feb 2023 16:17:40 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13651
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.247.219.250 200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 74421eb09f932cd00366a49a6c89dc90
d4b3a2da856a4167c1693b5cd7f29468035b0b39
04178e43c019a1e2dc9115f9adc618ec25b685cd9218bc36089fd14dc179d464
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-1c6"
expires: Wed, 01 Feb 2023 08:31:20 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 41665
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js
8.247.219.250 200 OK 18 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (43176), with NEL line terminators
Hash d9aa426d0b3fc2884cc5742871ac0931
be324f6e459abdd9bc47494c63e7fb451f4af31b
771872ba9b88aa69a02d4045a87ac3ee31af2b6335b886bb2d96292ee8be4b16
GET /_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 17545
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-4489"
expires: Wed, 01 Feb 2023 16:15:50 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13761
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css
8.247.219.250 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css
IP 8.247.219.250:0
File type ASCII text, with very long lines (4904), with no line terminators
Hash eab7b2b596e1a9ab69892bb2b26fe5d1
281fd315c66bbbca67c393ebb40f73128de40e99
c649da532af8b5c710729ff74f84994f9c56f105d0dc21a25735aa1d8ee84a8c
GET /_nuxt/desktop/default/css/d07cef4b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 1240
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-4d8"
expires: Wed, 01 Feb 2023 08:43:55 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40877
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js
8.247.219.250 200 OK 4.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js
IP 8.247.219.250:0
File type ASCII text, with very long lines (18679), with no line terminators
Hash bc44469397272ad3848d6941861a42f2
33c93288d899ec704405133f615a6beaa1b35f99
36f2459f98b1b34f68c9704603139d095cfcba518b064159602cdf030d75d063
GET /_nuxt/desktop/default/betting.media-b0a61640.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 4560
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-11d0"
expires: Wed, 01 Feb 2023 16:15:56 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13755
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js
8.247.219.250 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (2449), with no line terminators
Hash 2abcde1c7f861e3839266637c052601e
f7a3042bf6b6bc0d96cb73005f0e3ea8f4b30668
41115c7aab94100d5ac2cef7c8e41c0068de95822eff57b80a8ee0fdd3d0196d
GET /_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 1079
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-437"
expires: Wed, 01 Feb 2023 16:15:50 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13760
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-071412.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en
178.253.15.11 200 OK 50 B URL HTTP/2 1xlite-071412.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en
IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57
Analyzer Verdict Alert quad9 Sinkholed
GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=42.964529; desc="req_t", renderTime; dur=42.977951; desc="rend_t", total; dur=45.285667; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/checker/redirect/stat/run/
178.253.15.11 200 OK 49 B URL HTTP/2 1xlite-071412.top/checker/redirect/stat/run/
IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/external-api/getFirstDepositBonus
178.253.15.11 200 OK 26 kB URL HTTP/2 1xlite-071412.top/web-api/external-api/getFirstDepositBonus
IP 178.253.15.11:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash 181c697e719f2e99d555fc5fc506ee4e
255e43cf3bc53b3c8b074887535e5e3b459c70bf
de7a37da1daf2c26bdf5ac7fdd6114f9bb14daef61f65bb46b9267db4e032e7f
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=40, dt_285;dur=43
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/user/secure
178.253.15.11 200 OK 58 B URL HTTP/2 1xlite-071412.top/web-api/user/secure
IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d7d7f7a99ebdd662bad162b13d902ed8
34ee36c81bf3d5575f30a343a400f218bcbab62f
0a0cfc4fccc1a0ad36c82bc75838627bb89528c0e1cee13afda1abded153865a
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=85
set-cookie: is_rtl=1; expires=Wed, 31-Jan-2024 20:05:10 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Tue, 07-Feb-2023 20:05:10 GMT; Max-Age=604800; path=/
v3fr=1; expires=Fri, 03-Feb-2023 20:05:10 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1675213286; expires=Tue, 31-Jan-2023 21:05:10 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/default/img/icons/pixels2.svg?v=1675195528
178.253.15.11 200 OK 235 B URL HTTP/2 1xlite-071412.top/web-api/default/img/icons/pixels2.svg?v=1675195528
IP 178.253.15.11:0
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash b41553a22c887cce091cfed409583620
3477821ba4fd91596b80ce7af0ce20e75c22b3bd
2768842d7a8081fbe6a790bfd209f83fccb95650f37fb17683c78809988675e0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/default/img/icons/pixels2.svg?v=1675195528 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/api/internal/v1/proof_of_age
178.253.15.11 204 No Content 0 B URL HTTP/2 1xlite-071412.top/web-api/api/internal/v1/proof_of_age
IP 178.253.15.11:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
cache-control: no-cache, private
server-timing: p;dur=29, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.46 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 19:45:20 GMT
expires: Tue, 31 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 1191
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/api/v3/bonuses/welcome-bonuses
178.253.15.11 200 OK 1.1 kB URL HTTP/2 1xlite-071412.top/web-api/api/v3/bonuses/welcome-bonuses
IP 178.253.15.11:0
Hash c3047f32333e7020844e76537ccae61c
7ece41b8dcb96a37086a94c5b4cc46f246c34d6b
ef5481a9fe7e65d884f9c096929e1979bfb83d963ce3825cb69d9559f77ab590
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=37, dt_285;dur=40
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js
8.247.219.250 200 OK 14 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (57248), with no line terminators
Hash 0eb8f1fbd9681805e6e73e8ad42b356a
b63b54764f52926a399b13e056545c6334fe37aa
c005e43cf8e5fd0682c73e55015e54528889cbc6e40e5a891233c8d5d93cf583
GET /_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 14507
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-38ab"
expires: Wed, 01 Feb 2023 16:15:56 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13759
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg
178.253.15.11 200 OK 14 kB URL HTTP/2 1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg
IP 178.253.15.11:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15052), with no line terminators
Hash e9341c1d9485439bf7039f83307e6415
07302610b47a1597d7ec82d48248eae17d87f158
219a7fa3f8062be4b002a80b2f8a9730328873be9ecf37c6f8dfc997d0d41aeb
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.0.1675195529.0.0.0; _ga=GA1.1.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-3acc"
expires: Wed, 01 Feb 2023 20:04:13 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js
8.247.219.250 200 OK 11 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js
IP 8.247.219.250:0
File type Unicode text, UTF-8 text, with very long lines (41843), with no line terminators
Hash 3958797412895cbddbe52699ada2475a
a9859083e86582eb1bd7613d19957919ec6421b6
cb635e484c9416bbbd78a8ef267da6562037e6c250174426b038f9b3858a2c50
GET /_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 11235
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-2be3"
expires: Wed, 01 Feb 2023 16:16:27 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13725
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/registration
178.253.15.11 200 OK 3.3 kB URL HTTP/2 1xlite-071412.top/web-api/registration
IP 178.253.15.11:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (13947), with no line terminators
Hash 68a5c53acee49969dc1c600294de33a9
2fa88df7db5f016aea0ef628d50486fee221ba77
944676d19f256118d1f3fd51eea32f71e27589329798f2cb2143a9d34eaa2fc6
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/registration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.0.1675195529.0.0.0; _ga=GA1.1.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=74
set-cookie: is_rtl=1; expires=Wed, 31-Jan-2024 20:05:11 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/q/9c70db1612bfb0029c01123fed619111fae206448
178.253.15.11 200 OK 63 B URL HTTP/2 1xlite-071412.top/web-api/q/9c70db1612bfb0029c01123fed619111fae206448
IP 178.253.15.11:0
Hash 0dae4c13255183a4b0097640427d3e06
8a020bb5ba501b42e64b78d23104d728855f1b68
51b95ef336520f3f0be882d1966530e8880e9c3a6baa670362a6690823375729
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/q/9c70db1612bfb0029c01123fed619111fae206448 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-071412.top/en/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-071412.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=47, dt_285;dur=49
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-071412.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en
178.253.15.11 200 OK 210 B URL HTTP/2 1xlite-071412.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en
IP 178.253.15.11:0
File type JSON data\012- , ASCII text, with no line terminators
Hash f4b3f26878ec09bf646ff730c19c7c9d
145669ee34836731a34fe386b5294edfed1f856d
770bd5230583f0c9802ef3b95e4cb61a49cb7607e1282610066ff118308b9285
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=22, dt_285;dur=271
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1xlite-071412.top/web-api/api/converslon/load
178.253.15.11 200 OK 6.5 kB URL HTTP/2 1xlite-071412.top/web-api/api/converslon/load
IP 178.253.15.11:0
Hash 1678f22d6dc8fbb5078da9f613f999f4
d26ee0712202e6758d748bd285fcc3c572b84d84
6600b5af2dfa40a6924b38b8a484baa47749fc9e2d3228c04264cdb3c2bf23dc
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=22, dt_285;dur=651
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
www.google.com/recaptcha/api.js?render=explicit&hl=en
216.58.211.4 200 OK 557 B URL HTTP/2 www.google.com/recaptcha/api.js?render=explicit&hl=en
IP 216.58.211.4:0
File type ASCII text, with very long lines (852), with no line terminators
Hash d79ca9c288b1cdf554efa3e70d3281b3
5a5f065d877044c39b9a7be699527db79c919cfa
250f8208fc7ffc32bf751c8a1a788f7da3ed09c2248890bc403f89f1ed83c2c3
GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Tue, 31 Jan 2023 20:05:13 GMT
date: Tue, 31 Jan 2023 20:05:13 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
142.250.74.35 200 OK 164 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (771)
Size 164 kB (163774 bytes)
Hash 57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b
GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 96939
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 425831
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 00:39:09 GMT
expires: Wed, 31 Jan 2024 00:39:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 69965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 444271
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg
178.253.15.11 200 OK 0 B URL HTTP/2 1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg
IP 178.253.15.11:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/country-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-26280"
expires: Wed, 01 Feb 2023 20:02:47 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
suphelper.com/widget/injector.js
104.16.43.72 200 OK 0 B URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:12 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d49403fd-098b-41ec-b2fa-70a24447f25c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Tue, 03 Jan 2023 09:24:23 GMT
etag: W/"28e6c-18576f23558"
vary: Accept-Encoding
cf-cache-status: HIT
age: 76
server: cloudflare
cf-ray: 79250f8ffdb995f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1xlite-071412.top/registration/
178.253.15.11 302 Found 0 B URL HTTP/2 1xlite-071412.top/registration/
IP 178.253.15.11:0
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET /registration/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
location: /en/registration
reason-v3: empty_lang
server-timing: total;dur=4;desc="Nuxt Server Time", dt_285;dur=166
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Fri, 03 Feb 2023 20:05:07 GMT
auid=sv0PC2PZdHS+11ONA1Q9Ag==; path=/; secure; httponly; samesite=lax
X-Firefox-Spdy: h2
1xlite-071412.top/en/registration
178.253.15.11 200 OK 0 B URL HTTP/2 1xlite-071412.top/en/registration
IP 178.253.15.11:0
Analyzer Verdict Alert quad9 Sinkholed
GET /en/registration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=579;desc="Nuxt Server Time", dt_285;dur=593
set-cookie: SESSION=fe7476533ca2073f02a9fe8537f0a22b; Path=/; HttpOnly; Secure; SameSite=Lax
lng=en; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration
178.253.15.11 200 OK 0 B URL HTTP/2 1xlite-071412.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration
IP 178.253.15.11:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=121, dt_285;dur=122
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-071412.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
178.253.15.11 200 OK 0 B URL HTTP/2 1xlite-071412.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP 178.253.15.11:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=90, dt_285;dur=92
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2