Report - 1xlite-071412.top/registration/

Report Overview

Submitted URL
1xlite-071412.top/registration/
IP
178.253.15.11
ASN
#0
Submitted
2023-01-31 20:05:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
60

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
1xlite-071412.top	unknown	2023-01-27T00:57:27Z	2023-02-11T16:20:22Z	19 kB	154 kB	178.253.15.11
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	445 B	165 kB	142.250.74.35
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	68 kB	34.120.237.76
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	374 B	21 kB	142.250.74.46
suphelper.com	156440	2019-10-30T16:54:02Z	2023-03-13T06:54:15Z	369 B	1.5 kB	104.16.43.72
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.77.32
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.4 kB	7.0 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	387 B	46 kB	142.250.74.40
radar.cedexis.com	3035	2013-11-27T03:31:43Z	2023-03-13T07:56:47Z	374 B	19 kB	45.54.49.5
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.162.52.254
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	548 B	2.5 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	2.4 kB	82 kB	216.58.207.227
www.google.com	7	2015-05-10T13:11:19Z	2023-03-13T06:40:43Z	390 B	1.1 kB	216.58.211.4
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	1.4 kB	3.9 kB	104.18.32.68
v3.traincdn.com	unknown	2022-11-25T11:00:40Z	2023-03-13T05:11:39Z	13 kB	779 kB	8.247.219.250

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-31 20:05:25	medium	Client IP	Internal IP	ET DNS Query to a *.top domain - Likely Hostile
2023-01-31 20:05:25	medium	Client IP	178.253.15.11	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed
2023-01-31	medium	1xlite-071412.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (48)

	URL	Size	First Seen	Last Seen
	v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js	753 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:10:31 Last Seen2023-03-13 14:04:09 Times Seen1 Hash 5c5b4b68d9f6157748c21a00a2e759a3 fb7eec347c08908949427b1b834068c3937b6c4f 88b71569dea35ce79b800893768aee98e6b8f94e2a66df6fc30431de9f947851 Loading...

	1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js	9.0 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 59c44ce07ed22c99deebad87fc471f3c 0583b19117dd6685b167c2ce25118c36c52d9321 5cf464ec86aebeeaadf41bc3e880e390daa42cf2b3c5474d5f6504bf7b722e1c Loading...

	v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js	2.5 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 7605b02314e27a1a28ad89e7a2e05f95 e4c98546e51741238dd43e39d5b470922b022a51 fd6c186a3789abfe64e5fb033c1bc07bc56042afcea6d45cdc858dfaf10a5e67 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.46 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t	178 B	2023-03-07	2023-03-26
Pretty URL www.google.com/recaptcha/api2/bframe?hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:32 Last Seen2023-03-26 14:32:23 Times Seen11 Hash 809703dfdc113f9d23c68d5215e50fb3 e8a35503236dd77c43477d45bb6cbdae83c26895 d3751dd15e46e961bc81bbfea52161f192408cc3f10ddb85d4adfe759922706e Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js	3.0 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:30 Times Seen1 Hash 98ba8abacfad44dc6f29e99c7aeabc9f 5f4db15a93bc83254dbc3e353b2249af2191c14a 802ac92b6738f6d5c2dea4fd405ee5272651caeb5e185b1cd78f34af8702a496 Loading...

	unknown	0 B	2023-03-07	2024-04-23
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-23 14:13:48 Times Seen37020138 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	suphelper.com/widget/public/bundle.c7b8b65c246801981786.js	214 kB	2023-03-12	2023-03-14
Pretty URL suphelper.com/widget/public/bundle.c7b8b65c246801981786.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:54 Last Seen2023-03-14 08:46:50 Times Seen1 Hash 7edc2f805c257b70e5f1ef7065890036 04e3e17225614d16c71e8a82546b5cd0505c6f29 8d79aab7990b145da9069efcb28cc03a284310968f825733ff7d349ef8669937 Loading...

	v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js	40 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:10:31 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 28c68caed54d4c8e5bc8474b29244f08 91fcfcdd718131c0021b458128d17119ecd4a5bc 70d2d627cc09f53c029b99c49bcd417007d932411bb289119903d7042c8d3b58 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtMDcxNDEyLnRvcDo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=inline&cb=z2ezqr2exz1n	69 B	2023-03-07	2024-04-23
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtMDcxNDEyLnRvcDo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=inline&cb=z2ezqr2exz1n IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:05 Last Seen2024-04-23 14:06:49 Times Seen99252 Hash 45ecf7458f42da80ac248ad42d610372 a5b3edf8328769bc754e6e616a957ceed4fdadd7 75867e75b209895995014b43c3d711476e3437481e5fbec91a4da674302558bf Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js	14 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash ae2815382a566b1ef1fdbdb443aa1a3e f7185a4a16072c64bf4eb0dfde858fd008745e57 d428dbeac153a7992637d1551ae968d15a6eb008c29b6d1744a7f447454d131e Loading...

	1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js	26 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 7cfc31faddc40e8c37bdbd0facabe6b9 595124d8787bcf78e7ed123d593178a130ccec30 4845c44b9e78cff97b61ce155a7c167cdd32521ab16888b73b71267ac04ad3e5 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js	21 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:30 Times Seen1 Hash 4a2f3b27eb8f4ef0022b85a705597fd4 e4e5a39b724fa3dbd5e4bd301102161c52760b91 18f4c3dc5fb53a9ab50b9f5d8223de87ff3f646cb9e6148d19e47b3856df250d Loading...

	suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1672737829554&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	1xlite-071412.top/en/registration	779 B	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/en/registration IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:56:08 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 781c33772efc1394043f4fe1542353d3 cdde99b7839ecd635567f7caca07f6e94ef5ed5c 2455fbcacaea5b18284cfa3337ebbe48554ff11a973928e42b5afdc309a7b095 Loading...

	1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js	12 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash f3b121a25319bfeea3b3d03e10baedaf fc77e62ef613cb8da7a033427cf243c9c2987067 975683e9b3219e2ddf86a1f2f71cd37378514678297aadb3177f3c71f52c51da Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js	25 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash fc1dbb4c3f5d104eac4b73a104859e2a 2c3765fcadee198ca008a4100b87d56434c63294 5ec14e084e5d53350ece7b273520c9c8000f2a0a15b8cdb256eef856a8aab937 Loading...

	v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js	170 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 6339cae9657121cbf69c8c3131d8553c 91ed0c7a853192d013c28d1bf8938c1b39841e07 9e016d9c0f5e9796d398ae778a865dce1e533e5e611dae07b3cc6a5063de45dd Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js	60 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 8985daf1a8d321f7d72809e2a75f3475 0acaf901f7cd72b98fba1f208aed4e628141de51 f3fa9f1e1da01731d5343c22bf3c3e43702340edc5b52f49481a8ae51a9a0965 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js	42 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash d6222869add4e57c9d9769902543ffcb b110b37b777ae16f006632898233bcab26dc9321 9bd46ba939872a9bd9e8edc8788fa7d433853d353a74e44b0da86384337aeaf9 Loading...

	www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=2033725721.1675195529	113 kB	2023-03-13	2023-03-13
Pretty URL www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=2033725721.1675195529 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:33:21 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 59ceb441d010f5762c7e1ddf8cc2c671 397c073bd15870d81c33afc1d34575e33f8bfaed c9d61b29f82f3b0fc02f451ed07fc09b677804622aa48e9b9d2f51b96fef8d3a Loading...

	1xlite-071412.top/en/registration	795 B	2023-03-08	2024-02-13
Pretty URL 1xlite-071412.top/en/registration IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:50 Last Seen2024-02-13 14:23:26 Times Seen2399 Hash d142026b9af7316cb97a9331199c8cf2 4ffe70e80a10f689006b1e3a518019fdc077f2b2 519b6d15761517d0ecc72fb32c0e4c6479ed232c8cd01985a3bd963a26233a9f Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js	19 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 2975e028d244ff67d2de92f2e5e82574 e02fd6a00222adb634fde009db6e3ff49e6e9239 f177f29b690d9e6d925b32c83a325c6b67cc3a8583867243e9f90d907ed3069f Loading...

	v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js	2.5 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 94cf74eabebd0ad47bafc82234965f24 55d05e8360afbbff33443f387aafb6a433128a71 6641678ba6e57a0c47debdb6aa046ec0eb26a8a74495291fa03c4700dbc6c30d Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js	200 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash eeb41618c0d6bf01fd8d825e88048d93 d602ef4c78816e5fd8bcb0ce3ed63d502be96329 c5da4ce986a74af02d3e517e600e1299f73e00974843bf5af378e6d305c8b477 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js	8.7 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 7ee69a9202fca65cd535e0d68e4451a2 8c38b6b8b7d673f1d1d2a7179c5c27a7c746f87b d1e91d4c9fbe85b37c6222b7e32686a620ca89b0181482caff669e64c232b4f1 Loading...

	1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js	76 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash a3bb1fa51b58c8d3cbd8d8efaf180634 d0fc102a03db069548fb3e9a0e1c44d466f2a289 c7d4a1aa209e730a11cc2e4ee6b878b77da943e1d084e8b50955deff50bd754b Loading...

	suphelper.com/widget/public/chunk.0e784b6d22ea4f47c4cb.js	1.4 MB	2023-03-12	2023-03-25
Pretty URL suphelper.com/widget/public/chunk.0e784b6d22ea4f47c4cb.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:55 Last Seen2023-03-25 23:59:37 Times Seen10 Hash 7e7d49dbadec83f0c94eeffbb33ca2aa eb9913f857000aafb2ed501f635aa94f5bacb3b0 f68513b9007a1261a958941ec1eb8857fd0259609565fdf5e5b5c8d9e77aeab4 Loading...

	1xlite-071412.top/en/registration	191 kB	2023-03-13	2023-03-13
Pretty URL 1xlite-071412.top/en/registration IP 178.253.15.11 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 849d9dfe07fceab0ef3ee700beaf7077 9e43e4143a2a96bb5a6c70736e4837a10b57dee2 34a5ae40e132e4b2d5705b4005a51997f88bb261e544e52f6893607c309c8a07 Loading...

	www.googletagmanager.com/gtag/js?id=UA-178408567-1	116 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178408567-1 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 8a0fa8c3c3bb462895fa0b1fd0dc3796 1dfe19036f5c0191d663dd10168765993e7e528c 5ba6932a7955fc6f378e0fe30afc69cddea0313d0ccb6f1499891750ac8c4e94 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js	25 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:49:12 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 2742b7508672e3d1d08cdd72b8766c82 8c44bf8ac5f134769f8a20b995a3037980a99e7f 353fa9aecda12edf355be4ccba2003da750ae4904ac54922d29ede323cca95c6 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js	58 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:47:58 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 34b0256958f19775049f0b6bee58d5b3 9b2270308e6419df5ecc56c48d1ed6d52f2bf739 69df844d9480aeeaf1bb1ca6868a6ead916bc55753f207b3d8badace888fbaa7 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c	229 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash c855b11dd4887ddf4150528b809a730a 7a7bde9b7bec4dcb298956823de8124e83e908ca 9d48db3566b3d6e3226549f2dd855d716ca188b2b52c861c6d492ad3f1a29a1e Loading...

	suphelper.com/widget/injector.js	168 kB	2023-03-12	2023-03-14
Pretty URL suphelper.com/widget/injector.js IP 104.16.43.72 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 13:42:55 Last Seen2023-03-14 08:46:50 Times Seen1 Hash 705b743c50a8ce85d13e777bacf9b4dd d1dd64dce493bd9b50552d23d949561de5574999 3f838769c403a76e92fc459d87a640634338c264e6b8293a3133e4582100d804 Loading...

	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1672737829554	11 kB	2023-03-07	2023-03-25
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1672737829554 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-25 23:59:37 Times Seen9 Hash 6a9b24361d21ec5751af0bf2964d4fc6 bc058466f4b7e91d55996f239557466561efed62 5b493621ae5785f78b83a4ac33f8df4a055ed1621e2b9fa417f5942029975302 Loading...

	www.google.com/recaptcha/api.js?render=explicit&hl=en	852 B	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api.js?render=explicit&hl=en IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:20:15 Last Seen2023-03-13 15:34:13 Times Seen1 Hash dc3095fea4657659cb974d79694b5140 6e1957a99a9641447cf6fdc64dcb7dd3a0709306 95e7e188461e83eacca6f8eb8f8bcc04901e8a94769035874028687136d352fa Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js	780 kB	2023-03-13	2023-03-13
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js IP 8.247.219.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:10:31 Last Seen2023-03-13 14:05:31 Times Seen1 Hash 7b2f2bb1ec08e7374d232c5883f7e7e4 747e470a72417f674e7cb8a64ef5365f24a9477e 207efaba61ab7c872eedb3c56b6d9a07aae464fa3d5491dcffa18ae048341f53 Loading...

	www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtMDcxNDEyLnRvcDo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=inline&cb=z2ezqr2exz1n	36 kB	2023-03-13	2023-03-13
Pretty URL www.google.com/recaptcha/api2/anchor?ar=1&k=6LcHxwcUAAAAAIUazEuUGlfmc7IyjkUDFXwtd70t&co=aHR0cHM6Ly8xeGxpdGUtMDcxNDEyLnRvcDo0NDM.&hl=en&v=RGRQD9tdxHtnt-Bxkx9pM75S&theme=light&size=invisible&badge=inline&cb=z2ezqr2exz1n IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 230947c65db34cbacb4b0e38781ab712 c292f2b594ba550974a01d3ea5b07c90f83c75a4 9f89598d34c2aa0c4cc704491505ff37cc4cebf7c0efbd8629b46fd0357ef535 Loading...

	www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js	412 kB	2023-03-13	2023-03-13
Pretty URL www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:01:06 Last Seen2023-03-13 15:37:41 Times Seen1 Hash 10fa8a547b2ef125150037f815579540 32d80f0b24826584a73c4113d51300b7666282cb a0a04c24a9bdaac0e8aa2d22df95a7ae8c0d744a31b732da3d6e4bb279c79e40 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 53c0880f8f32160b9d3b7cfd1ed057ed	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 53c0880f8f32160b9d3b7cfd1ed057ed cf64a8578aac0cdbef32ee14885a2b2b68984ecc e62188d211f8522a0d02bbc2b5e8fea05d32dd1b03c4602c86673da2007d97dd Loading...

	#2 Eval - 43e9dadf1a2713a7d04c3aa57064a336	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 43e9dadf1a2713a7d04c3aa57064a336 ddbfe7489017c08b202863eac3e603aa3d8ea34c 299c3bd8c3e0db21c43f24415d12bc7c7e34a3180ca7b75da653d4ac4e5ce360 Loading...

	#3 Eval - 036738ede44fde2b76e54f895eed2136	16 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash 036738ede44fde2b76e54f895eed2136 b6bfbae87bdc3bfc59085cf405d6cd867077bcfd 4c24289cbd02ed0af2285e124c8bca182505efa66ee1d1d9a3db85a70b4ebbd6 Loading...

	#4 Eval - dc0c1d1ae1789271f3d76661e40eba86	64 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash dc0c1d1ae1789271f3d76661e40eba86 93d5679b5163dfbc63bbe3e2296d250a4221a62c 2c6fcc10d170735ea0103cebd297129fae592327ed69dbf1773991fe63c4d8d0 Loading...

	#5 Eval - 0f48fd78a406eb6667e584168b0784c1	22 B	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash 0f48fd78a406eb6667e584168b0784c1 37743d32242a67dadfb76d656dd47018fa6e7391 0af0cb21968fe023d8ea63ee97d9b7172bb86ffeab2023aa51326d793e379a00 Loading...

	#6 Eval - d3168a7560e469dea4fdd5fd30691914	18 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 13:34:03 Last Seen2023-03-13 13:34:03 Times Seen1 Hash d3168a7560e469dea4fdd5fd30691914 9aa7078a8595edeb7e1b8aa6eec6e852a036b8c6 7b11a7e5ced76ad62d69ed507b842a2100b661926e11ef605f7654e6977ac110 Loading...

	#7 Eval - e063d1953a17069ad02dbf986818b8dc	16 kB	2023-03-12	2023-03-13
Pretty Observations First Seen2023-03-12 15:53:05 Last Seen2023-03-13 16:32:37 Times Seen1 Hash e063d1953a17069ad02dbf986818b8dc 8abad2ce510b756a3ef25bd9298fe29c268e9eee d90538b891b0faa88bb08314660918942260c2ace5720f0bb44498bd13171c76 Loading...

HTTP Transactions (103)

URL IP Response Size

1xlite-071412.top/registration/

178.253.15.11

301 Moved Permanently

162 B

URL HTTP/1.1
1xlite-071412.top/registration/
IP
178.253.15.11:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /registration/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 31 Jan 2023 20:05:07 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://1xlite-071412.top/registration/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9814
Expires: Tue, 31 Jan 2023 22:48:41 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4051
Expires: Tue, 31 Jan 2023 21:12:38 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 19:35:54 GMT
content-type: application/json
age: 1753
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7345
Expires: Tue, 31 Jan 2023 22:07:32 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Wq+gh/H6+fKwrj6dd1uAOKjRRdseEsbQNnHVbnygdzJvSrUqkBnpUt59Ztxn2cW0cu5faeb9d+M=
x-amz-request-id: BNGA09M59FDJNMJA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 19:51:17 GMT
age: 830
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d7ef4e252c12c98400efbd34693254d2
a310c72b873b85d556564b0217a73afca628c8b2
926cfc2ce8ca58003a02804c6f62417f7c45f0625dba30a30e50cf2cec6c364d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "926CFC2CE8CA58003A02804C6F62417F7C45F0625DBA30A30E50CF2CEC6C364D"
Last-Modified: Sun, 29 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9301
Expires: Tue, 31 Jan 2023 22:40:08 GMT
Date: Tue, 31 Jan 2023 20:05:07 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 19:41:42 GMT
age: 1406
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2376
Expires: Tue, 31 Jan 2023 20:44:44 GMT
Date: Tue, 31 Jan 2023 20:05:08 GMT
Connection: keep-alive

push.services.mozilla.com/

35.162.52.254

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.162.52.254:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: nRzb+EnI8Q6T+bfZt4G/AQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 4l5Wc6PILineYWZK07SX/nfD6sU=

1xlite-071412.top/genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css

178.253.15.11

200 OK

6.4 kB

URL HTTP/2
1xlite-071412.top/genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (34634), with no line terminators
Size
6.4 kB (6360 bytes)
Hash
1adb2bb492541c5000bd08ee55272e92
da53e8720c8be6aa0a9ec8376387eca2f05f744d
5d19f140829781736e2e4562c32be196d6c8a5c316ccf17f98c6f6c1ba6f7a74

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/pg/285/css/value/25c9fae1a3ccc774c9190693aba677fb.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
content-type: text/css
vary: Accept-Encoding
last-modified: Sat, 28 Jan 2023 12:46:35 GMT
x-rgw-object-type: Normal
etag: W/"a096fa1f997b41d35a16344cf6f30e8e"
content-encoding: br
expires: Tue, 31 Jan 2023 21:05:08 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1d640b59-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1c97b4fd-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1cbcb4fa-OSL

v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css

8.247.219.250

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/a895c423.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
13 kB (13325 bytes)
Hash
c025ff5d463833d2cdf1dc65d50f3224
a397c4f5debab58c1e86b343d88610cf9a87d2e6
a5d4fcfccdd231d15579f5fcd6502f01a11a75a4b6986387f9b8a914657fecbb

HTTP Headers

GET /_nuxt/desktop/default/css/a895c423.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 13325
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-340d"
expires: Wed, 01 Feb 2023 08:43:55 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40874
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js

8.247.219.250

200 OK

1.2 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Registration-673051a6.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (3016), with no line terminators
Size
1.2 kB (1155 bytes)
Hash
482e66606fe63024359689cf733203c5
46f17ec69443f18bad4e6048d0874be2551f5788
aa9a91745c7dfff8e672f78a7065cc39d392d7bcea220145cbf0c6463e78f371

HTTP Headers

GET /_nuxt/desktop/default/Page.Registration-673051a6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 1155
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-483"
expires: Wed, 01 Feb 2023 16:17:05 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13684
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css

8.247.219.250

200 OK

632 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/047e1132.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2717), with no line terminators
Size
632 B (632 bytes)
Hash
173cf01f59877386b179e20fec6daf7d
38e4b5cfd5d7a6615289383a50dee01af5b45ded
d962b5be50781582ec85722889f9dd66b2c5be28a2940d49c89180638354ca4b

HTTP Headers

GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 632
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-278"
expires: Wed, 01 Feb 2023 15:40:09 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 15931
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js

8.247.219.250

200 OK

2.5 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (8713), with no line terminators
Size
2.5 kB (2525 bytes)
Hash
8a3d5760e7f4072beff4b4c5ac9774ac
82ce34a8c3388303cccb52037ab77b18e9f0f920
52bb424d95e259f74e882bf995cb2d176312c1b3565dd7bbdb069316dfd2c799

HTTP Headers

GET /_nuxt/desktop/default/Layout.Information/Page.Betting.Main/Page.Bonus/Page.Cyber.Calendar/Page.DesktopApps/Page.Game.Proje/eb0fc106-84a68117.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2525
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-9dd"
expires: Wed, 01 Feb 2023 16:15:51 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13764
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.247.219.250

200 OK

698 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
698 B (698 bytes)
Hash
baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Wed, 01 Feb 2023 03:09:24 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 60946
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css

8.247.219.250

200 OK

2.2 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/447d11ab.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (15795), with no line terminators
Size
2.2 kB (2190 bytes)
Hash
5fb941d29b718359b71687ec6cf4314d
36be41877b2731605f6fb9652089bbc8c9c73449
e675a93c542158af424a306d63665fb7f277c8371baed751c230002b781ee6b8

HTTP Headers

GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 2190
cache-control: max-age=86400
content-encoding: gzip
etag: "63d518b0-88e"
expires: Tue, 31 Jan 2023 08:43:54 GMT
last-modified: Sat, 28 Jan 2023 12:44:32 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40885
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js

8.247.219.250

200 OK

74 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
74 kB (73993 bytes)
Hash
0489a627d0a83ad39bbb37917832cbca
0c67daec26e0c8663e44c7291942e5a3d9a6ec12
7ae2f28caf358da1a5ed79bcb4281a7b5a56a6742ca9ba02b4e7f5a36f046ea7

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Block/Page.Maintenance/Page.Registration/Page.SiteUpdates-bddbd34c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 73993
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-12109"
expires: Wed, 01 Feb 2023 16:16:14 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13743
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
0dea93a9adb1e26a6ebfaf2e12c22cd5
e286810b718e374858f11adf0aae18dc65f27d66
73dafa5cd629cdf850ca05894932507c209713024ef27ce7597cb25365f2150e

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js

8.247.219.250

200 OK

13 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/runtime-a80dc1c6.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (40212), with no line terminators
Size
13 kB (12832 bytes)
Hash
16d00239b2028da76291e3e8f888b52e
baf2c6405bdcd634effb87e02ac3295c508f22fd
d32ce4657a735a7e99dd73c59fdcfe6d6c713677e2a9b93308a804acfcb5789e

HTTP Headers

GET /_nuxt/desktop/default/runtime-a80dc1c6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 12832
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-3220"
expires: Wed, 01 Feb 2023 13:07:36 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25054
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css

8.247.219.250

200 OK

40 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/bf967876.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
40 kB (39797 bytes)
Hash
8940a7faf6707649e59c0d0baa0bfc06
e6a2890b241a5f4b0aed6ee5f884770aeaedd552
743ef9c3033e2dc8d1a23f21989627bf8fedf70cc8fd54ba537dc8a45b2b907c

HTTP Headers

GET /_nuxt/desktop/default/css/bf967876.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 39797
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-9b75"
expires: Wed, 01 Feb 2023 13:41:08 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 23042
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js

8.247.219.250

200 OK

187 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/app-7065404e.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
187 kB (187064 bytes)
Hash
902e0cfb315ab5de9c80d764b8d63091
1b70c5cb608a88711c51bfcfdfe0673a0ffcbef4
2c518fb9f27b54efcb1cca5f9019a3ddc93d5fd6dc265fcbd6d2a10922fbd84a

HTTP Headers

GET /_nuxt/desktop/default/app-7065404e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 187064
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-2dab8"
expires: Wed, 01 Feb 2023 13:07:42 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25054
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js

8.247.219.250

200 OK

218 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65396)
Size
218 kB (218088 bytes)
Hash
b7b6c2a24eaa5f9a43b197549ebf4d44
c61ca34e7668814c95bdd1d359f69bd6e9e37b9f
aeef95ee654123c515ff61cd195388fcac46c8e6fef022da7aacd2bc98e5bcb2

HTTP Headers

GET /_nuxt/desktop/default/vendors/app-0a7f18f1.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 218088
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-353e8"
expires: Wed, 01 Feb 2023 13:07:43 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 25055
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.106

200 OK

1.9 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.9 kB (1910 bytes)
Hash
7b00892483baf7654bb595f112156362
f38002e9c542eaf39a731f541c66b92775ecc47f
4f0f63220b2ae421efc22cd6e9f5afa5235bfca1a7008625bc421e28d5b3a355

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,400;0,500;0,700;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 31 Jan 2023 20:05:09 GMT
date: Tue, 31 Jan 2023 20:05:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
6d208f0208216b211ab9fd5d0ca0d421
3a275011eae8857994aa7c4374762d8a6ef537ed
6af4673c8e8eddb935ab5218b3ddd3c8a405d716d6d6865fbf72a18f6be3ecce

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 31 Jan 2023 20:05:09 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 29 Jan 2023 15:03:03 GMT
Expires: Sun, 05 Feb 2023 15:03:02 GMT
Etag: "3a275011eae8857994aa7c4374762d8a6ef537ed"
Cache-Control: max-age=413272,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 79250f7c1ea7b4ee-OSL

v3.traincdn.com/version.json

8.247.219.250

200 OK

44 B

URL HTTP/2
v3.traincdn.com/version.json
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text
Size
44 B (44 bytes)
Hash
ab3a83e93384ead7369a37ac2c9a3500
7865d8fbb86850bb45491a4c1c13ac1d7a1ac48b
1907f0a9352812064d5fe93a3df8015d0800f84ab0d78c9dcf662ac364ccbe7e

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63d7a05e-2c"
expires: Tue, 31 Jan 2023 20:05:50 GMT
last-modified: Mon, 30 Jan 2023 10:47:58 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 19
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/app-25b0d209.modern.js

8.247.219.250

200 OK

86 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/app-25b0d209.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65476)
Size
86 kB (86150 bytes)
Hash
d111957f54d047770e9eb82e5411c32e
6064ecd11dc7d236d7e8aeb45e71e7d78fb559f1
ea6084b3a9c6b1f3295c745776ff733cd6c8cf1a0e47cc048cfe1764872b7577

HTTP Headers

GET /_nuxt/desktop/default/commons/app-25b0d209.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 86150
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-15086"
expires: Wed, 01 Feb 2023 16:15:47 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13763
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 13:09:06 GMT
expires: Wed, 31 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 24963
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 07:51:59 GMT
expires: Thu, 25 Jan 2024 07:51:59 GMT
cache-control: public, max-age=31536000
age: 562390
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
789b41f1f8027d4275a66ac9cb2f124d
c5eff6750f9a50fc52a7a6ec6e30a7afaf28fc79
e053b0b29fc44721473ed39ddfe41064f09b56b3531c765228fa322d599e770f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-071412.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png

178.253.15.11

200 OK

352 B

URL HTTP/2
1xlite-071412.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP
178.253.15.11:0
ASN
#0

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
expires: Fri, 27 Jan 2023 23:45:49 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js

178.253.15.11

200 OK

4.6 kB

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4563 bytes)
Hash
44fcb95abdc227a75191b77b3abef54a
4af66b7ddd84b2a4fb6fe0d4d448f53b720fa3d1
0b3f039b3df031a44910811729dccaa407c2765affe3b3915a52de284beafaeb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-notification-1eebd76b.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 4563
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-11d3"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js

178.253.15.11

200 OK

22 kB

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (65476)
Size
22 kB (21853 bytes)
Hash
d1f437b3e24fc5c3b5c0d4b7375b3071
f97e182159e0eeea9d60c50b902aa7a99cbe3ce1
da76c84d91778caa278bd99c115925798f620c993ea0f2d9ebfbe6817c414589

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-57978af9.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 21853
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-555d"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/css/447d11ab.css

178.253.15.11

200 OK

2.2 kB

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/css/447d11ab.css
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (15795), with no line terminators
Size
2.2 kB (2190 bytes)
Hash
848643f84c7a9e77f72b9929767007b1
4f3949efc6fce8c57e4aaa8aed9193d8cc883e24
0c10e5e0ad620404d09ce098c4c1562caab95326dc5560b0a2b2d94d4688c9ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/447d11ab.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 2190
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-88e"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/css/047e1132.css

178.253.15.11

200 OK

632 B

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/css/047e1132.css
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (2717), with no line terminators
Size
632 B (632 bytes)
Hash
173cf01f59877386b179e20fec6daf7d
38e4b5cfd5d7a6615289383a50dee01af5b45ded
d962b5be50781582ec85722889f9dd66b2c5be28a2940d49c89180638354ca4b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/047e1132.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 632
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-278"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Wed, 01 Feb 2023 00:15:55 GMT
Date: Tue, 31 Jan 2023 20:05:09 GMT
Connection: keep-alive

1xlite-071412.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961

178.253.15.11

200 OK

145 B

URL HTTP/2
1xlite-071412.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1675195527961 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
expires: Wed, 01 Feb 2023 20:05:09 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15046
Expires: Wed, 01 Feb 2023 00:15:55 GMT
Date: Tue, 31 Jan 2023 20:05:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Gif_csWkacU59D_hnOrJpK6u2aPI8Ylf2JyQEJZ2RLNMCrXSmmMa9w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:56:35 GMT
age: 65314
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10898 bytes)
Hash
4a2d26da68a313cc65958fc2692351c2
798c3538f3147ca77d317676ddd1bf040bd0f93b
76ce30224803d680c0115e987a712ce5552b2760beadf796a96b17439fb20797

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9b71db36-11cb-45f6-a296-34813aea1c35.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10898
x-amzn-requestid: e29f8dfc-07d4-4136-afaf-e1e067eea2ab
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zxGshIAMFw5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-5e87d2a44722af9e4e86c3d4;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XYo_QvM8GWDyulOtUb5nVjS9PxOinaRJ3lYvCreeqd_9tHI5yv5xcQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:21 GMT
age: 80208
etag: "798c3538f3147ca77d317676ddd1bf040bd0f93b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.6 kB (8558 bytes)
Hash
e6f9ffb8f9e99229b45ca5fdb84ce7d5
04577ad69ee9749b14382254eb5bbf0e1edcd7fa
6111acf3f363123b39d13cd3d23ab39b8c8d00379874f19231d1cd3da17c52c2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37e3fb86-3315-41fd-97cb-ac82604d8869.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8558
x-amzn-requestid: 2841cd36-22e6-4ecb-b56a-bfadce3197c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_BFA8IAMFyvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e393-3fd03bd14de762b0738a3b0a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R29JYq4Z8V_Xuq2no0bKxk1K6h2PmTO5OSxzMa4zppDVk3j9rO9aTw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:24:36 GMT
age: 60033
etag: "04577ad69ee9749b14382254eb5bbf0e1edcd7fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oLMUuQVwUyKMuYAvTkA4wlVDb3-kZjStTJFfUZRb7JwKcK11waY0kQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:42:39 GMT
age: 66150
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13853 bytes)
Hash
d957012d3e2b8c3bc0eefe11d66e8554
1959fdd94846fa3791c4890578dd15336b909dcc
a97e81ec5eb2eda6a603bf4bfd4fa4ef4fab762747479489e99e6c713258a736

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1295ec36-f5b2-4db1-83c7-667fa373f592.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13853
x-amzn-requestid: ca6ea6e7-3e13-4194-87f5-20a07b813e21
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fk3zzF4hIAMFwWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d839b1-772487cb1b7495c52c552d36;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 21:42:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lUGjUSIkoacdmaO1jnMwIuNMONhjyVfAIcTQ3B5d5da_g9eEnCtW7g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 21:48:17 GMT
age: 80212
etag: "1959fdd94846fa3791c4890578dd15336b909dcc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9Fga247EZZqiGmdMJ72resdBZR2KLgflGDBPESmuw9cFVs4hSzMzTw==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 03:50:52 GMT
age: 58457
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

1xlite-071412.top/pwa

178.253.15.11

200 OK

15 B

URL HTTP/2
1xlite-071412.top/pwa
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pwa HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-071412.top/en/registration
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=1
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/css/f9d99aa7.css

178.253.15.11

200 OK

943 B

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/css/f9d99aa7.css
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (3303), with no line terminators
Size
943 B (943 bytes)
Hash
c8814e2b14b9b8a9316b055f63e396e1
64c157e6647fa007ee52203b65217215cad25d5f
9a67b2e18901d9efc1e5a0a215542688c931f5bc2b8c90a1da733b6d9db9d2d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/f9d99aa7.css HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: text/css
content-length: 943
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-3af"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js

178.253.15.11

200 OK

7.5 kB

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js
IP
178.253.15.11:0
ASN
#0

File type
HTML document, ASCII text, with very long lines (25593), with no line terminators
Size
7.5 kB (7505 bytes)
Hash
8c9f740da4bd6dd64248c2c5607157ef
f640e99beeb429f94257095aa04e6f26194ea1be
07bd8522b6f6ee163e2416e79f769d22a420874de7a049263fd3ce31bf507b98

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/plugins.vue-js-modal-4aa1340f.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 7505
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
vary: Accept-Encoding
etag: "63d79f43-1d51"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js

178.253.15.11

200 OK

2.7 kB

URL HTTP/2
1xlite-071412.top/_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js
IP
178.253.15.11:0
ASN
#0

File type
ASCII text, with very long lines (9012), with no line terminators
Size
2.7 kB (2652 bytes)
Hash
d250827722be904e26a41986b7d1d502
96a77661e0136406823fdfb815d0f7b547e6f4d9
0b2296a1dfa4bc72b817c45bf9d3798edcb37953fe0c27745e362e96e594d878

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/date-fns-locale-21-8f364136.modern.js HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:09 GMT
content-type: application/javascript; charset=utf-8
content-length: 2652
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
vary: Accept-Encoding
etag: "63d79f42-a5c"
content-encoding: gzip
expires: Tue, 31 Jan 2023 21:05:09 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js

8.247.219.250

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DC-2014d636.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2509), with no line terminators
Size
1.1 kB (1082 bytes)
Hash
6dc923ae3607a521ef3c98dd910ce134
c77fa89629534d0f661ac1f5c5a5c3832aa816d9
79fc061cb0c22d0d7df208560dcc8f7bf42b2cf108380d20516549da2aeb5805

HTTP Headers

GET /_nuxt/desktop/default/DC-2014d636.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-43a"
expires: Wed, 01 Feb 2023 16:15:52 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13762
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c004ef398fc2138876eac9e202e6e7c9
9b695108fe043113ee8dc3369be58234f1a73323
ab71d4c6d64f3c7a0114070414615b26843c22de34b0f04c9ad932ca112031c7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg

178.253.15.11

200 OK

43 kB

URL HTTP/2
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/common-2000120.svg
IP
178.253.15.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (42864 bytes)
Hash
cec9f6d498a6618ece7c21a115b96881
532dfb6fddc2e5c2c3b45f3001391e4b586d685b
105556ab71faf8dae5eadab3cb6af42606be2a350fc740f48fd4f86b68a45ee8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/common-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-1af48"
expires: Wed, 01 Feb 2023 20:02:47 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-178408567-1

142.250.74.40

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
45 kB (45036 bytes)
Hash
3720661a753d3bcf4e723293fdc499c9
3ef2597456d6246d7f8376b3829c179ab854fb99
ec5e96ba03992ab231e1e2306f1fc7ccbcffd37472e24245b4cdcbf7fbf68fb4

HTTP Headers

GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 31 Jan 2023 20:05:10 GMT
expires: Tue, 31 Jan 2023 20:05:10 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 45036
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
d81f874741beb45c89de8bb5c6de438e
a251ab903e654953631d84721479bbae55aa5cdf
ec28dafa2a54818028d4dfe99218d9e4b507f3bd7efaabfba630d85f24d4d75d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

radar.cedexis.com/1593429750/radar.js

45.54.49.5

200 OK

19 kB

URL HTTP/1.1
radar.cedexis.com/1593429750/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
ASCII text, with very long lines (1782)
Size
19 kB (18746 bytes)
Hash
2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595

HTTP Headers

GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 20:05:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Tue, 14 Feb 2023 20:05:10 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js

8.247.219.250

200 OK

5.4 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (13485), with no line terminators
Size
5.4 kB (5399 bytes)
Hash
e4c16860600185911eac1e0abfb7cfa5
b816e49cc33cba2a6709ce5517aa8c163d823164
73fbc80163ac57764a3dc53423ed12772e182ce60edebbad622f8e22be285999

HTTP Headers

GET /_nuxt/desktop/default/commons/conversion/modal.RegistrationSuccessModalApp/registration.Main/user.userRegistration-a058339a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 5399
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1517"
expires: Wed, 01 Feb 2023 16:16:57 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13695
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/b8c5da74.css

8.247.219.250

200 OK

211 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/b8c5da74.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (369), with no line terminators
Size
211 B (211 bytes)
Hash
8c6c6544f1276b88c8986f1fdae6f808
8c1d76b32d354704c0a500f311166b35d3b52665
8a7e55af53086a457ffedae13850ffff580d32a4804c88d62935064caab89318

HTTP Headers

GET /_nuxt/desktop/default/css/b8c5da74.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 211
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-d3"
expires: Wed, 01 Feb 2023 15:33:16 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 16318
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js

8.247.219.250

200 OK

6.5 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (20689)
Size
6.5 kB (6469 bytes)
Hash
53998bab36dd2a66e15bf80e13c1e478
185e0d189ab8fc67a9a54016f55b9e9c86e0d327
582b2a8ec2421d970d766b65871a2abad4f17b47abaebf19b2783d1b15212532

HTTP Headers

GET /_nuxt/desktop/default/vendors/Auth.Forms/GameProvider/Information.Feedback/Page.Betting.Game/Page.Betting.MultiLive/Page.C/da6c9763-f110c4f4.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6469
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1945"
expires: Wed, 01 Feb 2023 16:16:00 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13757
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css

8.247.219.250

200 OK

464 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/6ddcb708.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1665), with no line terminators
Size
464 B (464 bytes)
Hash
b8b503fd31564207d769e597bc17fdfd
d7dabc0def0e9eb58aeb6a42c34108678019e2bd
62f2fabb3cdaf1b672236f9921f1c33e6dab7dc386ab0ccb4a6ee19c2438af61

HTTP Headers

GET /_nuxt/desktop/default/css/6ddcb708.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 464
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1d0"
expires: Wed, 01 Feb 2023 14:14:39 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 21040
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js

8.247.219.250

200 OK

8.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (24831), with no line terminators
Size
8.1 kB (8051 bytes)
Hash
97a96834598ace3a0f9cc8ff51c9f46d
befe01abb480eeed7b03fb087047fd311c95280d
966b792d03bb5258d7f3d2c8e254d6e3ac84ba18ffc4f262c51f087a967cadce

HTTP Headers

GET /_nuxt/desktop/default/vendors/Auth.Forms/Page.BlockAppeal.BetsHistory/Page.Information.Rules/Page.MobileApps/Page.Office.B/9ec65dba-37adabbc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 8051
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-1f73"
expires: Wed, 01 Feb 2023 16:16:07 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13743
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js

8.247.219.250

200 OK

6.4 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (24849), with no line terminators
Size
6.4 kB (6353 bytes)
Hash
5611cfd030ced41aef5cf1a7c96c63c6
36f1f443022e617c107475517a9573ae5d5befbe
9d0cd8971f1349222f88a73737d7e1b06a0dfb9900a9345092fc26f2e70cff50

HTTP Headers

GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Game/Page.Betting.MultiLive/Page.BlockAppeal.BetsHistory/Page.Cybe/7c44f9ff-071780c2.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 6353
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-18d1"
expires: Wed, 01 Feb 2023 16:15:51 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13759
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/415e4ade.css

8.247.219.250

200 OK

4.8 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/415e4ade.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (31269), with no line terminators
Size
4.8 kB (4827 bytes)
Hash
dfe9b3e6dd8bcb8f0ca9cd4aba6e2ee4
f38714d157275ec7a53cdcab388045316b9488fc
6e4ceec7bc5cd76a5e043b9a74195afa72f407ce31d1fae1f9046cc95fe50098

HTTP Headers

GET /_nuxt/desktop/default/css/415e4ade.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 4827
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-12db"
expires: Wed, 01 Feb 2023 14:31:24 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 20031
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js

8.247.219.250

200 OK

44 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/registration.Main-8e7bd135.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
44 kB (43568 bytes)
Hash
644bb0a7aaad70ec4f32c65cd5c2359f
7fc65d5c8c7353e0e99723f8c257a72a1f12101c
433c0cb3f1bd26594a4800aa916633587164d1a520d0848c81b9a962a8142ab5

HTTP Headers

GET /_nuxt/desktop/default/registration.Main-8e7bd135.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 43568
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-aa30"
expires: Wed, 01 Feb 2023 16:17:40 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13651
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css

8.247.219.250

200 OK

454 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1429), with no line terminators
Size
454 B (454 bytes)
Hash
74421eb09f932cd00366a49a6c89dc90
d4b3a2da856a4167c1693b5cd7f29468035b0b39
04178e43c019a1e2dc9115f9adc618ec25b685cd9218bc36089fd14dc179d464

HTTP Headers

GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-1c6"
expires: Wed, 01 Feb 2023 08:31:20 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 41665
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js

8.247.219.250

200 OK

18 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (43176), with NEL line terminators
Size
18 kB (17545 bytes)
Hash
d9aa426d0b3fc2884cc5742871ac0931
be324f6e459abdd9bc47494c63e7fb451f4af31b
771872ba9b88aa69a02d4045a87ac3ee31af2b6335b886bb2d96292ee8be4b16

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.media-4edabf27.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 17545
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f43-4489"
expires: Wed, 01 Feb 2023 16:15:50 GMT
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13761
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css

8.247.219.250

200 OK

1.2 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/d07cef4b.css
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (4904), with no line terminators
Size
1.2 kB (1240 bytes)
Hash
eab7b2b596e1a9ab69892bb2b26fe5d1
281fd315c66bbbca67c393ebb40f73128de40e99
c649da532af8b5c710729ff74f84994f9c56f105d0dc21a25735aa1d8ee84a8c

HTTP Headers

GET /_nuxt/desktop/default/css/d07cef4b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: text/css
content-length: 1240
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-4d8"
expires: Wed, 01 Feb 2023 08:43:55 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 40877
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js

8.247.219.250

200 OK

4.6 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.media-b0a61640.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (18679), with no line terminators
Size
4.6 kB (4560 bytes)
Hash
bc44469397272ad3848d6941861a42f2
33c93288d899ec704405133f615a6beaa1b35f99
36f2459f98b1b34f68c9704603139d095cfcba518b064159602cdf030d75d063

HTTP Headers

GET /_nuxt/desktop/default/betting.media-b0a61640.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 4560
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-11d0"
expires: Wed, 01 Feb 2023 16:15:56 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13755
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js

8.247.219.250

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2449), with no line terminators
Size
1.1 kB (1079 bytes)
Hash
2abcde1c7f861e3839266637c052601e
f7a3042bf6b6bc0d96cb73005f0e3ea8f4b30668
41115c7aab94100d5ac2cef7c8e41c0068de95822eff57b80a8ee0fdd3d0196d

HTTP Headers

GET /_nuxt/desktop/default/ioc.dependencies.32-ff86f08d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 1079
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-437"
expires: Wed, 01 Feb 2023 16:15:50 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13760
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-071412.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en

178.253.15.11

200 OK

50 B

URL HTTP/2
1xlite-071412.top/frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
50 B (50 bytes)
Hash
b87a1addd40bfb43c006eedcb9f21f28
7c504dfdecbb7e3e61f8681eb9e338a6698d5fc2
931bc5f84afccc01bc652d702e50b45ab57739699a88f157b994eda943ffcf57

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /frontend-api/seo/seoText?url=https%3A%2F%2F1xlite-071412.top%2Fen%2Fregistration&language=en HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 50
access-control-allow-origin: *
etag: W/"32-fFBN/ey7fj5h+GgeueM4pmmNX8I"
server-timing: requestTime; dur=42.964529; desc="req_t", renderTime; dur=42.977951; desc="rend_t", total; dur=45.285667; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/checker/redirect/stat/run/

178.253.15.11

200 OK

49 B

URL HTTP/2
1xlite-071412.top/checker/redirect/stat/run/
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/external-api/getFirstDepositBonus

178.253.15.11

200 OK

26 kB

URL HTTP/2
1xlite-071412.top/web-api/external-api/getFirstDepositBonus
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
26 kB (26363 bytes)
Hash
181c697e719f2e99d555fc5fc506ee4e
255e43cf3bc53b3c8b074887535e5e3b459c70bf
de7a37da1daf2c26bdf5ac7fdd6114f9bb14daef61f65bb46b9267db4e032e7f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=40, dt_285;dur=43
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/user/secure

178.253.15.11

200 OK

58 B

URL HTTP/2
1xlite-071412.top/web-api/user/secure
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
58 B (58 bytes)
Hash
d7d7f7a99ebdd662bad162b13d902ed8
34ee36c81bf3d5575f30a343a400f218bcbab62f
0a0cfc4fccc1a0ad36c82bc75838627bb89528c0e1cee13afda1abded153865a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/user/secure HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json; charset=utf-8
content-length: 58
server-timing: dt_285;dur=85
set-cookie: is_rtl=1; expires=Wed, 31-Jan-2024 20:05:10 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Tue, 07-Feb-2023 20:05:10 GMT; Max-Age=604800; path=/
v3fr=1; expires=Fri, 03-Feb-2023 20:05:10 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1675213286; expires=Tue, 31-Jan-2023 21:05:10 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/default/img/icons/pixels2.svg?v=1675195528

178.253.15.11

200 OK

235 B

URL HTTP/2
1xlite-071412.top/web-api/default/img/icons/pixels2.svg?v=1675195528
IP
178.253.15.11:0
ASN
#0

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Size
235 B (235 bytes)
Hash
b41553a22c887cce091cfed409583620
3477821ba4fd91596b80ce7af0ce20e75c22b3bd
2768842d7a8081fbe6a790bfd209f83fccb95650f37fb17683c78809988675e0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/default/img/icons/pixels2.svg?v=1675195528 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=32, dt_285;dur=34
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/api/internal/v1/proof_of_age

178.253.15.11

204 No Content

0 B

URL HTTP/2
1xlite-071412.top/web-api/api/internal/v1/proof_of_age
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
cache-control: no-cache, private
server-timing: p;dur=29, dt_285;dur=33
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.46

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.46:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 31 Jan 2023 19:45:20 GMT
expires: Tue, 31 Jan 2023 21:45:20 GMT
cache-control: public, max-age=7200
age: 1191
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/api/v3/bonuses/welcome-bonuses

178.253.15.11

200 OK

1.1 kB

URL HTTP/2
1xlite-071412.top/web-api/api/v3/bonuses/welcome-bonuses
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- data
Size
1.1 kB (1100 bytes)
Hash
c3047f32333e7020844e76537ccae61c
7ece41b8dcb96a37086a94c5b4cc46f246c34d6b
ef5481a9fe7e65d884f9c096929e1979bfb83d963ce3825cb69d9559f77ab590

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/v3/bonuses/welcome-bonuses HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
server-timing: p;dur=37, dt_285;dur=40
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js

8.247.219.250

200 OK

14 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (57248), with no line terminators
Size
14 kB (14507 bytes)
Hash
0eb8f1fbd9681805e6e73e8ad42b356a
b63b54764f52926a399b13e056545c6334fe37aa
c005e43cf8e5fd0682c73e55015e54528889cbc6e40e5a891233c8d5d93cf583

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.BlockAppeal.BetsHistory/Page.Office.Account/Page.Office.AdminRequest/Page.Office.BetsHi/963f8409-d470476b.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 14507
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-38ab"
expires: Wed, 01 Feb 2023 16:15:56 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13759
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg

178.253.15.11

200 OK

14 kB

URL HTTP/2
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg
IP
178.253.15.11:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (15052), with no line terminators
Size
14 kB (14341 bytes)
Hash
e9341c1d9485439bf7039f83307e6415
07302610b47a1597d7ec82d48248eae17d87f158
219a7fa3f8062be4b002a80b2f8a9730328873be9ecf37c6f8dfc997d0d41aeb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/bonusSelect-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.0.1675195529.0.0.0; _ga=GA1.1.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-3acc"
expires: Wed, 01 Feb 2023 20:04:13 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js

8.247.219.250

200 OK

11 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js
IP
8.247.219.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (41843), with no line terminators
Size
11 kB (11235 bytes)
Hash
3958797412895cbddbe52699ada2475a
a9859083e86582eb1bd7613d19957919ec6421b6
cb635e484c9416bbbd78a8ef267da6562037e6c250174426b038f9b3858a2c50

HTTP Headers

GET /_nuxt/desktop/default/Registration.Fields-e3ee18f6.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/javascript; charset=utf-8
content-length: 11235
cache-control: max-age=86400
content-encoding: gzip
etag: "63d79f42-2be3"
expires: Wed, 01 Feb 2023 16:16:27 GMT
last-modified: Mon, 30 Jan 2023 10:43:14 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13725
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/registration

178.253.15.11

200 OK

3.3 kB

URL HTTP/2
1xlite-071412.top/web-api/registration
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (13947), with no line terminators
Size
3.3 kB (3341 bytes)
Hash
68a5c53acee49969dc1c600294de33a9
2fa88df7db5f016aea0ef628d50486fee221ba77
944676d19f256118d1f3fd51eea32f71e27589329798f2cb2143a9d34eaa2fc6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/registration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Content-Type: application/json
Content-Length: 18
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.0.1675195529.0.0.0; _ga=GA1.1.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/json; charset=utf-8
content-encoding: gzip
server-timing: dt_285;dur=74
set-cookie: is_rtl=1; expires=Wed, 31-Jan-2024 20:05:11 GMT; Max-Age=31536000; path=/; HttpOnly
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/q/9c70db1612bfb0029c01123fed619111fae206448

178.253.15.11

200 OK

63 B

URL HTTP/2
1xlite-071412.top/web-api/q/9c70db1612bfb0029c01123fed619111fae206448
IP
178.253.15.11:0
ASN
#0

File type
data
Size
63 B (63 bytes)
Hash
0dae4c13255183a4b0097640427d3e06
8a020bb5ba501b42e64b78d23104d728855f1b68
51b95ef336520f3f0be882d1966530e8880e9c3a6baa670362a6690823375729

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/q/9c70db1612bfb0029c01123fed619111fae206448 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-071412.top/en/registration?type=fast
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://1xlite-071412.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=47, dt_285;dur=49
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-071412.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en

178.253.15.11

200 OK

210 B

URL HTTP/2
1xlite-071412.top/web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en
IP
178.253.15.11:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
210 B (210 bytes)
Hash
f4b3f26878ec09bf646ff730c19c7c9d
145669ee34836731a34fe386b5294edfed1f856d
770bd5230583f0c9802ef3b95e4cb61a49cb7607e1282610066ff118308b9285

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/seo/metadata?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration&geo=137&language=en HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=22, dt_285;dur=271
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
46e2bec06a11406d5cdcec9c0e76911d
edc777878dca7029c70577edae741264a22ab010
21f7443ebf888a28fb0f0010d1c83ca833b42c06f7d2c755f83a4b418de96854

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:11 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

1xlite-071412.top/web-api/api/converslon/load

178.253.15.11

200 OK

6.5 kB

URL HTTP/2
1xlite-071412.top/web-api/api/converslon/load
IP
178.253.15.11:0
ASN
#0

File type
data
Size
6.5 kB (6468 bytes)
Hash
1678f22d6dc8fbb5078da9f613f999f4
d26ee0712202e6758d748bd285fcc3c572b84d84
6600b5af2dfa40a6924b38b8a484baa47749fc9e2d3228c04264cdb3c2bf23dc

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=22, dt_285;dur=651
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

www.google.com/recaptcha/api.js?render=explicit&hl=en

216.58.211.4

200 OK

557 B

URL HTTP/2
www.google.com/recaptcha/api.js?render=explicit&hl=en
IP
216.58.211.4:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (852), with no line terminators
Size
557 B (557 bytes)
Hash
d79ca9c288b1cdf554efa3e70d3281b3
5a5f065d877044c39b9a7be699527db79c919cfa
250f8208fc7ffc32bf751c8a1a788f7da3ed09c2248890bc403f89f1ed83c2c3

HTTP Headers

GET /recaptcha/api.js?render=explicit&hl=en HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Tue, 31 Jan 2023 20:05:13 GMT
date: Tue, 31 Jan 2023 20:05:13 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 557
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e0bc98d03057dabba1334b62bea0975b
b358a8123908fe4b1c94a1273cac45c4e23b212e
10ef320ba825ca0e17d039b66fd2f321f4d2c687a8734d226fa25e9b45e109d9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 20:05:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js

142.250.74.35

200 OK

164 kB

URL HTTP/2
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (771)
Size
164 kB (163774 bytes)
Hash
57c909ab73fc27ec24f737bbf1cb1de8
89b2c02e9e7a9a764518fca545d3eec2044fd6d9
7e407e2b00bb7c238c71d96472f7ab030de4e610b1048f0f77b25cb85c2d166b

HTTP Headers

GET /recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-071412.top
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 163774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 17:09:34 GMT
expires: Tue, 30 Jan 2024 17:09:34 GMT
cache-control: public, max-age=31536000
age: 96939
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 425831
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 00:39:09 GMT
expires: Wed, 31 Jan 2024 00:39:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 69965
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 444271
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg

178.253.15.11

200 OK

0 B

URL HTTP/2
1xlite-071412.top/_nuxt/Desktop/Default/svg-sprites/country-2000120.svg
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/Desktop/Default/svg-sprites/country-2000120.svg HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Mon, 30 Jan 2023 10:43:15 GMT
etag: W/"63d79f43-26280"
expires: Wed, 01 Feb 2023 20:02:47 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

suphelper.com/widget/injector.js

104.16.43.72

200 OK

0 B

URL HTTP/2
suphelper.com/widget/injector.js
IP
104.16.43.72:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1xlite-071412.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 20:05:12 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-d49403fd-098b-41ec-b2fa-70a24447f25c' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Tue, 03 Jan 2023 09:24:23 GMT
etag: W/"28e6c-18576f23558"
vary: Accept-Encoding
cf-cache-status: HIT
age: 76
server: cloudflare
cf-ray: 79250f8ffdb995f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

1xlite-071412.top/registration/

178.253.15.11

302 Found

0 B

URL HTTP/2
1xlite-071412.top/registration/
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET /registration/ HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
location: /en/registration
reason-v3: empty_lang
server-timing: total;dur=4;desc="Nuxt Server Time", dt_285;dur=166
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Fri, 03 Feb 2023 20:05:07 GMT
auid=sv0PC2PZdHS+11ONA1Q9Ag==; path=/; secure; httponly; samesite=lax
X-Firefox-Spdy: h2

1xlite-071412.top/en/registration

178.253.15.11

200 OK

0 B

URL HTTP/2
1xlite-071412.top/en/registration
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /en/registration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:08 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=579;desc="Nuxt Server Time", dt_285;dur=593
set-cookie: SESSION=fe7476533ca2073f02a9fe8537f0a22b; Path=/; HttpOnly; Secure; SameSite=Lax
lng=en; Path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration

178.253.15.11

200 OK

0 B

URL HTTP/2
1xlite-071412.top/web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/seo/links/canonical?url=https:%2F%2F1xlite-071412.top%2Fen%2Fregistration HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*, application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration?type=fast
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280; che_g=3662ec41-bbc7-7785-2f57-ab66e6e73850; tzo=0; _ga_7JGWL9SV66=GS1.1.1675195529.1.1.1675195529.0.0.0; _ga=GA1.2.2033725721.1675195529; is_rtl=1; fast_coupon=true; v3fr=1; _glhf=1675213286; ggru=188; _gid=GA1.2.2065756750.1675195529
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:11 GMT
content-type: application/vnd.api+json
cache-control: max-age=300, private
server-timing: p;dur=121, dt_285;dur=122
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-071412.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137

178.253.15.11

200 OK

0 B

URL HTTP/2
1xlite-071412.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
178.253.15.11:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-071412.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://1xlite-071412.top/en/registration
Cookie: platform_type=desktop; auid=sv0PC2PZdHS+11ONA1Q9Ag==; SESSION=fe7476533ca2073f02a9fe8537f0a22b; lng=en; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 20:05:10 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=90, dt_285;dur=92
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (48)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL