luckyforbet.com/i/43830
95.211.26.202 302 Found 20 B IP 95.211.26.202:0
ASN #60781 LeaseWeb Netherlands B.V.
Hash 7029066c27ac6f5ef18d660d5741979a
46c6643f07aa7f6bfe7118de926b86defc5087c4
59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /i/43830 HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Sat, 03 Dec 2022 11:11:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Set-Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; expires=Sun, 04-Dec-2022 11:11:56 GMT; Max-Age=86400; path=/
TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; expires=Sun, 04-Dec-2022 11:11:56 GMT; Max-Age=86400; path=/
trk_cpa_pixel=4c763cd0-72fb-11ed-9b96-4db66faecdb3; expires=Wed, 01-Feb-2023 11:11:56 GMT; Max-Age=5184000; path=/
Location: http://luckyforbet.com/h/oGUy3EysYBHukC62wwJTf9w0fSRp4kkHU.dD.ilZIgw0BKlBkKAlSVmdaOHhgXhUpFdFCiK5y_CuWPzXfQtmaN6FgrRrzy3bdhCjx1IF5V4YW_iBttkm3fENCOpu07P77ENtEYI8QFVdBRznWRAggSR_DRj0bUjNaVMqqRzbBzpMxWEFu3pjB73pTB9F2EK_9nRI1HOF9I.o69nPoyx5NRPwhigGVarVvTXY6zesouAznQNLBLSng3krsGGKpT7JMjLhNuYFfHXHylEq0U21J3z4SFLAiRGjQ0icVDo5S4Qqq.qq
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7554
Expires: Sat, 03 Dec 2022 13:17:50 GMT
Date: Sat, 03 Dec 2022 11:11:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 7439fb99a444b66db1e68ffbfaa38451
4b7742d7956485906f1c392c478515ff89a46184
636327ce88f733e5a1d39af212f97242717a39ce20edaef330fafea238e3a309
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6598
Cache-Control: max-age=90557
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:56 GMT
Etag: "6389d3f3-1d7"
Expires: Sun, 04 Dec 2022 12:21:13 GMT
Last-Modified: Fri, 02 Dec 2022 10:31:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6305
Expires: Sat, 03 Dec 2022 12:57:01 GMT
Date: Sat, 03 Dec 2022 11:11:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 10:19:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3117
alt-svc: clear
X-Firefox-Spdy: h2
luckyforbet.com/h/oGUy3EysYBHukC62wwJTf9w0fSRp4kkHU.dD.ilZIgw0BKlBkKAlSVmdaOHhgXhUpFdFCiK5y_CuWPzXfQtmaN6FgrRrzy3bdhCjx1IF5V4YW_iBttkm3fENCOpu07P77ENtEYI8QFVdBRznWRAggSR_DRj0bUjNaVMqqRzbBzpMxWEFu3pjB73pTB9F2EK_9nRI1HOF9I.o69nPoyx5NRPwhigGVarVvTXY6zesouAznQNLBLSng3krsGGKpT7JMjLhNuYFfHXHylEq0U21J3z4SFLAiRGjQ0icVDo5S4Qqq.qq
95.211.26.202 200 OK 370 B URL HTTP/1.1 luckyforbet.com/h/oGUy3EysYBHukC62wwJTf9w0fSRp4kkHU.dD.ilZIgw0BKlBkKAlSVmdaOHhgXhUpFdFCiK5y_CuWPzXfQtmaN6FgrRrzy3bdhCjx1IF5V4YW_iBttkm3fENCOpu07P77ENtEYI8QFVdBRznWRAggSR_DRj0bUjNaVMqqRzbBzpMxWEFu3pjB73pTB9F2EK_9nRI1HOF9I.o69nPoyx5NRPwhigGVarVvTXY6zesouAznQNLBLSng3krsGGKpT7JMjLhNuYFfHXHylEq0U21J3z4SFLAiRGjQ0icVDo5S4Qqq.qq
IP 95.211.26.202:0
ASN #60781 LeaseWeb Netherlands B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1386e297726eabc20f51b47fc7c5d069
c439a68f25928af9e2aea4d547962f6903309318
33e690a88a318812db6c30be65c4dbfc4f5cfaa0f5e113e51ade127528ee413c
GET /h/oGUy3EysYBHukC62wwJTf9w0fSRp4kkHU.dD.ilZIgw0BKlBkKAlSVmdaOHhgXhUpFdFCiK5y_CuWPzXfQtmaN6FgrRrzy3bdhCjx1IF5V4YW_iBttkm3fENCOpu07P77ENtEYI8QFVdBRznWRAggSR_DRj0bUjNaVMqqRzbBzpMxWEFu3pjB73pTB9F2EK_9nRI1HOF9I.o69nPoyx5NRPwhigGVarVvTXY6zesouAznQNLBLSng3krsGGKpT7JMjLhNuYFfHXHylEq0U21J3z4SFLAiRGjQ0icVDo5S4Qqq.qq HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; trk_cpa_pixel=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 03 Dec 2022 11:11:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Content-Encoding: gzip
Vary: Accept-Encoding
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ecLDoOENS+oIXsvsneKkTjTkcs3/75OnQ2hpu0kTtGAxaHlmNbid58W3A+1lvuY1kGxrGvnjInM=
x-amz-request-id: YCVTZEVCV6RRXMYB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 10:46:32 GMT
age: 1524
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:11:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 91dca9d4d39f893b470454176592a974
4b629c5ccb094fbc16f935f6cfc219b4f03306c0
c7329de729ec1e8e19882d271545c2d9f0ba1eaedfed8c50f83bb510d3b5aa57
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C7329DE729EC1E8E19882D271545C2D9F0BA1EAEDFED8C50F83BB510D3B5AA57"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19179
Expires: Sat, 03 Dec 2022 16:31:35 GMT
Date: Sat, 03 Dec 2022 11:11:56 GMT
Connection: keep-alive
luckyforbet.com/favicon.ico
95.211.26.202 404 Not Found 33 B URL HTTP/1.1 luckyforbet.com/favicon.ico
IP 95.211.26.202:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 8874bf02e5b576488740e35ffac374d4
34818fe2fbf54312142e04cef4efb38f86cb4fc6
474e80e45aef5f25213fdfe4b976ec514f4a834eea0abfb65dd5b86e4b51e4d3
GET /favicon.ico HTTP/1.1
Host: luckyforbet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://luckyforbet.com/h/oGUy3EysYBHukC62wwJTf9w0fSRp4kkHU.dD.ilZIgw0BKlBkKAlSVmdaOHhgXhUpFdFCiK5y_CuWPzXfQtmaN6FgrRrzy3bdhCjx1IF5V4YW_iBttkm3fENCOpu07P77ENtEYI8QFVdBRznWRAggSR_DRj0bUjNaVMqqRzbBzpMxWEFu3pjB73pTB9F2EK_9nRI1HOF9I.o69nPoyx5NRPwhigGVarVvTXY6zesouAznQNLBLSng3krsGGKpT7JMjLhNuYFfHXHylEq0U21J3z4SFLAiRGjQ0icVDo5S4Qqq.qq
Cookie: TRK_TRG=eJxjYGBgEmEXZMosEOSxNNSzNNAzMdIzNDURZE5PzRdk8vMX5C5KTc%2FMz4tPzk9JFWT189c1MBbkTM4sqYSIsANF%2FItz8gWZM4sLBPmccjIrFILzc0pLgHqKBfnyUkviiwtSU1PAqtkYBTkyi%2BMLivIrKtkYAUzOIh4%3D; TRK_TRU7=eJxjYGBgEuEQZC5NNBVUSEkzNEs2sDBMNjI1NjAzMzVJNEhNS7KwTLIwNzNMNLAQZE0qSsxL4RVkzc1PSc3hFeRKKsovL04tis9MYWMT5IfxylKLijPz83gcohwYQECQNb8YpIRFkAvIgMuqMEBkuVNSyzKTU%2BNLKgtS2RgBWyQlpg%3D%3D; trk_cpa_pixel=4c763cd0-72fb-11ed-9b96-4db66faecdb3
HTTP/1.1 404 Not Found
Server: nginx
Date: Sat, 03 Dec 2022 11:11:56 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=20
Content-Encoding: gzip
Vary: Accept-Encoding
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d79bd28d88c06d3a054f8d7cd64432b
7994dbaee418b48fbb61585514982f201e68dc96
40540b2b91d4f0e4659f85d7854835f47bb179e27240c865d7ff777988ad1ff3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "40540B2B91D4F0E4659F85D7854835F47BB179E27240C865D7FF777988AD1FF3"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9321
Expires: Sat, 03 Dec 2022 13:47:17 GMT
Date: Sat, 03 Dec 2022 11:11:56 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 11:08:58 GMT
cache-control: public,max-age=3600
age: 179
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 002be102dd57b317506b54febc9d7113
92f2230c7d738562a77926d0545f5f38c9d00432
c283d3b81594fa9b1108275afdc01e85369d7925704bb2b9836d03cc6a70b478
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C283D3B81594FA9B1108275AFDC01E85369D7925704BB2B9836D03CC6A70B478"
Last-Modified: Thu, 01 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11671
Expires: Sat, 03 Dec 2022 14:26:28 GMT
Date: Sat, 03 Dec 2022 11:11:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6580
Cache-Control: max-age=171874
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:57 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:56:31 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.240.57.100 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.240.57.100:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: MdSZXLhPFzMarQa7dYibKw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1nnV7sKv9VTPuuE67swiAcBOGT4=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15417
Expires: Sat, 03 Dec 2022 15:28:55 GMT
Date: Sat, 03 Dec 2022 11:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15417
Expires: Sat, 03 Dec 2022 15:28:55 GMT
Date: Sat, 03 Dec 2022 11:11:58 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15417
Expires: Sat, 03 Dec 2022 15:28:55 GMT
Date: Sat, 03 Dec 2022 11:11:58 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 00:57:24 GMT
age: 36874
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9b77186d0d93f7ccfe729edd9d184af3
458aa485b9abef3b72427d308a172d1c24eceabd
8bed5a8e56e8c43fcbdc807245c2b651d014a06368574e57a25b718399a4a701
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20049904-a818-4d1c-9585-79edf76dcc61.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6966
x-amzn-requestid: 2b40c185-e050-4bfd-9b08-bb70e6f89824
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfAb7Ev3oAMFnrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6389144c-65301ace20da6f580ed77e82;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 20:53:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xBRZ6xulfveO7b5ZY8ApNbQJ1Sz8LbzEAb3YqxOEaZGYem-ZRaar_Q==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:56:31 GMT
age: 18927
etag: "458aa485b9abef3b72427d308a172d1c24eceabd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3abdcce275bb9723b4ac1d0c38cc8891
91f0d888c38db0899f106b652e3dcac062648099
ff411fc0d5abaf519d6600961ec51ad71ad9a02e23cc02ad818e27f0324b3d1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F528dcb40-0960-4efd-98b7-a07004a61b22.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7657
x-amzn-requestid: c0dbd862-41cf-4fa8-ab6b-256763c63fbf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1Fo6IAMF9EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-554ffbc83fd70c557437120f;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: V_7_ohQr9ENIjOvdvy65ZpJqg2OI9gzRdiuxCTJzl4qwXe2Nmu_tAQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "91f0d888c38db0899f106b652e3dcac062648099"
content-type: image/jpeg
age: 48151
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1e74254b3fdce7d6b84a71a7aff43789
65c8b4abf957f9b54d99d0f78559e639adb29efb
f278c3cc6734da7188862a8c651c803e7ac1fda82234e191761453cb1359d3ee
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F627a3f86-b7fa-44c4-a119-2e3d23eb8b6a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5354
x-amzn-requestid: 3d58ffea-3433-4c5c-a60b-17f6de3a33e5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsnvG44oAMFfyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638427ca-63b375f04189b7ce7d84cd5d;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:15:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -AurmlKwF0QgfsWBsV3ZN9ZyDhw1Zo82zUqrpkBbvbCfh0j7evV2Tg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 11:01:04 GMT
age: 654
etag: "65c8b4abf957f9b54d99d0f78559e639adb29efb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45182367fd4f8b6dd234eef1022acdb1
d4b3052021ff3ad1dc4134fa25eb12a98e7c17da
a57fadaf74db2fb457cfe761314d56f021d22146f5bdb6a8bf11b6519e8a558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73b53015-e415-4fff-9252-8a16bbe000f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9715
x-amzn-requestid: c8102cfa-78dc-4d81-ad6a-e16b9132e238
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZO2HQKIAMF8IA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f2b-350c586b568e6565763376bd;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0QkVKyYm9UwlF5FEeli9UsRAQwEi3-c3bMR-QSJxIKRQe7WWT76dGQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:51:06 GMT
age: 48052
etag: "d4b3052021ff3ad1dc4134fa25eb12a98e7c17da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
34.120.237.76 200 OK 2.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b47431190f34eccf0a6efb98e2a32b7d
9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704
08d3b6be354cafb70c20e6865788cb375adbf88d47711651fe1a3b855094daf2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b6b798b-d396-454d-9d5b-17b47827e4ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2942
x-amzn-requestid: ed26679f-cd56-477f-9914-f9afbcaaeea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGeoGFYoAMFWgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891df7-4ec6bebe21656d5026456994;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XvG2dAUeB914GQ1qJwQRHovAtra8OSjG-CsXeR8UOBq5r8qVjEbPBQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 05:02:08 GMT
age: 22190
etag: "9fc7ab3a4eb2d36fd6df7e0267a26a47627d1704"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.106 200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.106:0
Hash 00ab838806e0e2c71addd7b87c8ea576
32df8ea0aa91eacdf2ce1677f864adc3d06dd903
06e29fef8b55bd72a8fb52ba9bfec37d9896483ad0ec7a8a68fbc0e4b54b1aaf
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 03 Dec 2022 11:11:59 GMT
date: Sat, 03 Dec 2022 11:11:59 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:11:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=402062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773bdd5aef9f0b49-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:11:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=402062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773bdd5aeaa00b3d-OSL
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.254.252.212 200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sat, 03 Dec 2022 11:10:17 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 222
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/version.json
8.254.252.212 200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.254.252.212:0
Hash ed405bbf6ee4f6210a18b08ea3230870
e3a062371a066f37afcdf237fd74750b142994c3
9d49e4f31b239f57b7f518a18af5890bf1a3d81d09b7d68d0f7738837f24efae
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "638a6964-2c"
expires: Sat, 03 Dec 2022 11:12:47 GMT
last-modified: Fri, 02 Dec 2022 21:08:52 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 13
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/c65cdfde.modern.js
8.254.252.212 200 OK 537 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/c65cdfde.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 537 kB (537406 bytes)
Hash d885418e5feb49703219f8b090c8b385
ffc033b3b9b9972ecc056092ff45ea86b4cc2998
4c8e45e7fdce30f116b665548c628de7fb8e6dcc9c23de90b3a82936c64a4cb7
GET /_nuxt/desktop/default/c65cdfde.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 537406
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-8333e"
expires: Sat, 03 Dec 2022 21:37:50 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48866
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/fd164971.css
8.254.252.212 200 OK 49 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/fd164971.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9037fc3ca903985352353cc393afdac7
17dad87b5533b63a119de29045ef18b61d46d774
c8f3a87e800627faad7ca4476b75009828243fbb152928549a00fe95b70bc444
GET /_nuxt/desktop/default/css/fd164971.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: text/css
content-length: 48612
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f4-bde4"
expires: Sat, 03 Dec 2022 13:12:53 GMT
last-modified: Fri, 02 Dec 2022 07:27:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 79148
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/abc097e2.modern.js
8.254.252.212 200 OK 661 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/abc097e2.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (65479)
Size 661 kB (661016 bytes)
Hash 91f63441980cb12df06324938deecb7e
5e4b4398a6e599b748703801ec7b5c3346301e25
9fb6d6af3487db55f3d291302c1223f6feea01b6ac23b14e851e851f2ec1bb55
GET /_nuxt/desktop/default/abc097e2.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 661016
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-a1618"
expires: Sat, 03 Dec 2022 21:37:50 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48866
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/f3792112.modern.js
8.254.252.212 200 OK 93 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/f3792112.modern.js
IP 8.254.252.212:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (65466)
Hash 1c242f1216e4a5867872909457c381cf
a474f3517f3c456cd27215ecc4d4240e301b5964
e62846731ef883bef79a99c90f70c46bd2584d38f1c29f95fa4ebc752ff7168a
GET /_nuxt/desktop/default/f3792112.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 93423
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-16cef"
expires: Sat, 03 Dec 2022 21:37:56 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48866
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:11:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=402062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773bdd5aecdab4f7-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash c7d147ba990ad65a2c529051e54d88eb
3869832b21954526ad8cb8dafb7797149d519230
103f0118d67ea1a692c308d9b49f842738d44b99486050602e708f03f44d2686
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 11:11:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 03:03:03 GMT
Expires: Thu, 08 Dec 2022 03:03:02 GMT
Etag: "3869832b21954526ad8cb8dafb7797149d519230"
Cache-Control: max-age=402062,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 773bdd5aee40b50f-OSL
v3.traincdn.com/_nuxt/desktop/default/css/004b31a6.css
8.254.252.212 200 OK 85 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/004b31a6.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash bb4b44dbbd682acfdbd3f81901a18463
70dd14195194f23184e1e248b5c6ada95d76e8b7
016c93e57b040d693db2bc17eb2bd5a97a81332f3510a19f2a46a6c75c2eacd7
GET /_nuxt/desktop/default/css/004b31a6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: text/css
content-length: 84782
cache-control: max-age=86400
content-encoding: gzip
etag: "638a4e5d-14b2e"
expires: Sat, 03 Dec 2022 19:56:01 GMT
last-modified: Fri, 02 Dec 2022 19:13:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 54958
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/44d57e53.modern.js
8.254.252.212 200 OK 6.9 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/44d57e53.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (18205), with no line terminators
Hash 8185f954c5f73d6c942c9b269e7b2340
81d999441d22cea048ff685620a5474327774980
3c44397f3204eb3648c2427907f3653517aa3bc4a3f12aafa39b886f111dbbef
GET /_nuxt/desktop/default/44d57e53.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 6932
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-1b14"
expires: Sat, 03 Dec 2022 21:38:06 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48866
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 229085
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:56 GMT
expires: Thu, 30 Nov 2023 19:33:56 GMT
cache-control: public, max-age=31536000
age: 229083
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 229064
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:11:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x36781678.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.14.166 200 OK 352 B URL HTTP/2 lite-1x36781678.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.14.166:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:11:59 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1670065918355
178.253.14.166 200 OK 145 B URL HTTP/2 lite-1x36781678.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1670065918355
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1670065918355 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/pwa
178.253.14.166 200 OK 15 B IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=5
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/2def7320.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/2def7320.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (2510), with no line terminators
Hash 650c4387c576a49c8e72233a905ee153
8a74f319540212c618be068e1884552e4d052589
3eef49989597d040e2e026e4586a4471f9e3144c86787931df3a1eefddf76fbf
GET /_nuxt/desktop/default/2def7320.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 1082
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-43a"
expires: Sat, 03 Dec 2022 21:38:09 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48859
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg
178.253.14.166 200 OK 8.4 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (18547), with no line terminators
Hash 7e09d5e2d1ad965370c55663319b3d52
0e9b72df5b57ab2ac4715cfdec7e615c728c6ffa
229e464b3516e4444e34cdfc5c4ffbf146d3e5b27ef887ff3651e2bd56204608
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/qatar-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-4873"
expires: Sun, 04 Dec 2022 10:12:40 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5ba4ca83c2425031f2088a0ee4ac5fc0
8439866bed725e251d10799f2a52492c66ceb334
c2b5e7a183558bc3d4ed8100ca2a4d7d94aba9790adcdf2d734456056bf09be4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4730
Cache-Control: max-age=107012
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:12:00 GMT
Etag: "638a1b8b-1d7"
Expires: Sun, 04 Dec 2022 16:55:32 GMT
Last-Modified: Fri, 02 Dec 2022 15:36:43 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.40 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.40:0
File type ASCII text, with very long lines (1921)
Hash c5dd649df24befe18cce2a1b8d1b0f6f
593a851547d915300e9afbb0254c01a93e7dc9b9
399df8b5514f3813e2f9a0ed78467129238e1dde663fd6f81e3392176da32edc
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 03 Dec 2022 11:12:00 GMT
expires: Sat, 03 Dec 2022 11:12:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44647
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x36781678.top/version.json?timestamp=1670065918525
178.253.14.166 200 OK 44 B URL HTTP/2 lite-1x36781678.top/version.json?timestamp=1670065918525
IP 178.253.14.166:0
Hash ed405bbf6ee4f6210a18b08ea3230870
e3a062371a066f37afcdf237fd74750b142994c3
9d49e4f31b239f57b7f518a18af5890bf1a3d81d09b7d68d0f7738837f24efae
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1670065918525 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/json
content-length: 44
last-modified: Fri, 02 Dec 2022 21:08:52 GMT
vary: Accept-Encoding
etag: "638a6964-2c"
content-encoding: gzip
expires: Sat, 03 Dec 2022 11:13:00 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:12:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
35.241.57.45 200 OK 19 kB URL HTTP/2 radar.cedexis.com/1593429750/radar.js
IP 35.241.57.45:0
Hash 7168fe337c1e58b9c7ba6980c3c8d409
b46fbfcbc7cfbe46099260dc2dc91cf1f91b0205
55651fbf8e77ada7340839103af2686e5a4c796569a5b077e6b81c850bcd5cc1
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/javascript
last-modified: Mon, 29 Jun 2020 11:30:29 GMT
vary: Accept-Encoding
etag: W/"5ef9d0d5-af5c"
expires: Sat, 17 Dec 2022 11:12:00 GMT
cache-control: max-age=1209600, public
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/21ece11e.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/21ece11e.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (2873), with no line terminators
Hash aabd868484f45895d74781763e30220a
fa5220d9f0aa0f9296a64a3e1207fe3542ec5524
fe03a5569f750cbe172a094c3fc20b3add1159f6ea323d394e3a7d05e3c383e2
GET /_nuxt/desktop/default/21ece11e.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:01 GMT
content-type: application/javascript; charset=utf-8
content-length: 1116
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-45c"
expires: Sat, 03 Dec 2022 21:38:48 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/country-200061.svg
178.253.14.166 200 OK 56 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/country-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 71e18bd8326e8c1e77888f98a64379e9
551a162444340b4eac456665da866029f0691cc5
6a6a7b6fdddf6812b8ce9d62f98fb11431463cd5902be4a9d809fde31f52ed02
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/country-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-26132"
expires: Sun, 04 Dec 2022 10:28:54 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/common-200061.svg
178.253.14.166 200 OK 56 kB URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/common-200061.svg
IP 178.253.14.166:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 341ff64db3bfe50119072c0dde391213
eebf86931628d25e330e5384c0b42d39e6392651
e4fa22326f0b10f2d3f11738405c1794e94ee4c5abc007994ebafdfd75925ab7
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/common-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-19794"
expires: Sun, 04 Dec 2022 10:12:30 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png
178.253.14.166 200 OK 4.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f988271bc96127f9b3d88e497a36f659
e8b95eeb19f378cdb46404cb1f1487d049f7cda0
4b92c8a1d55693ebe407159d479ac304a937148297688f5e1fb1a0fcf0a30f11
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4fb2910ef6d4f8ad984f2aa4bc28b610.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 4453
x-amz-id-2: 9tw3iYy0WOtgT8KcKwQa+FKVCBxhnIVhWsQQhDwEfsXssx/dabkL+hnnGM//ABqj67/L7vrzmMTb0D0HxHjluA==
x-amz-request-id: JAR5JK38S2JHAGG8
last-modified: Fri, 20 Nov 2020 07:12:06 GMT
etag: "f988271bc96127f9b3d88e497a36f659"
x-amz-version-id: sXXI9fYJFn9.uV43OD2m4Tlu3BCVNrey
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/api/converslon/load
178.253.14.166 200 OK 25 kB URL HTTP/2 lite-1x36781678.top/web-api/api/converslon/load
IP 178.253.14.166:0
Hash 477e93b45bd7c6ec93c8b47274725635
751e5e38cc531f93edc521dfa71a34ee2dc8b15b
73077a640f43980392d34fd12b1ccb645aecfe566ae64bd8ff55a240c401e306
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=20, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/10367f3334f03ff8e180011620eefb23.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/10367f3334f03ff8e180011620eefb23.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a18350b1e07460bb4ddf5ad7ece98a51
bba2f3b059532f5b58c04553df8313b2f17bf4dc
5f534e97662f089725cb3019400920d0c7d633b8e19cc69cfc0e87c68160c4a3
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/10367f3334f03ff8e180011620eefb23.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 15844
x-amz-id-2: eicplQRIB5DBbzX8iiBYPUF/edyyboJPffbqxoAccg8KNoJwHKu/Q1pElslqCK4lNXB3zrX7FIOHQeXpOeod4Q==
x-amz-request-id: JAR5S9HQQH59EPPG
last-modified: Tue, 17 Nov 2020 11:46:49 GMT
etag: "a18350b1e07460bb4ddf5ad7ece98a51"
x-amz-version-id: G3ZLYo0Og6_wL_03p_RF18vz3zBvhiUG
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/10c54c6669c0f08c7c54d28a85dbd40f.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/10c54c6669c0f08c7c54d28a85dbd40f.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 5c24346c8fcb65ff27128ba4ecb26596
9e0178c5cfc32bd0746452e4394c2e240bd42085
fcbb17bb96aacc1e0656593d12e29443c3384c480d3898fb369ae6da66fc8005
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/10c54c6669c0f08c7c54d28a85dbd40f.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 11180
x-amz-id-2: qUpME1qKU02LfDuQl9VMxwHYa6SBAqzdcFP9LqIS3o9v8SQJNF/9Lvlrm1bSt5/3XLKQmN/0/wgerPlYI1vjpg==
x-amz-request-id: 280X6MSYF8DBMZTD
last-modified: Tue, 01 Sep 2020 09:27:28 GMT
etag: "5c24346c8fcb65ff27128ba4ecb26596"
x-amz-version-id: ChsyRcgANFmyMdJxEZenwBehHDGnvLm5
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/9334.png
178.253.14.166 200 OK 8.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/9334.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash fef5f3995d9b2a84e610da78d7d4136e
3f1f326d4efde71124f070e1878fa4d38b06a04e
73f8cd6cd54a18c1594691ac1051bf564fc2bb143af4d6474e4d5ff17dc77f4f
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/9334.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 8090
x-amz-id-2: ZhtJ8rCg1eymhctaav58pWJM+/P19jUXqLNN2/TdXb32HFO1inurDKKKrjTxPNhWpdvRQ2+XUNGqm3CjZ7mHeg==
x-amz-request-id: 280YHWMW4SHTXKP3
last-modified: Tue, 13 Aug 2019 15:12:44 GMT
etag: "fef5f3995d9b2a84e610da78d7d4136e"
x-amz-version-id: StKK.UD.SLMRFKOYWKjuafTNYZL.RXwI
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/1898.png
178.253.14.166 200 OK 4.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/1898.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 988a13aee26a37381370ef18ecb1a2f7
8b9c491bbe54e2dce680fcb990bcd011e3f35f84
c7d13dc708c1c1373d8dad2f74ea67f542820b79ac1f362849d14a8d16f83219
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/1898.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 4241
x-amz-id-2: j0dq4w+Zd3xU6QG7FJ/WfhaXPZUG/xs84yeDnuvF9PGW8FrQGTHcfalbRCePN7vCStVap/0JS05vE7yZvr5OwA==
x-amz-request-id: A0Q871MTVXKG6304
last-modified: Tue, 13 Aug 2019 14:56:57 GMT
etag: "988a13aee26a37381370ef18ecb1a2f7"
x-amz-version-id: ennrTzRtkjF_8.U_CeGFgRus0tzh5q.0
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/d55009689eb39b7a1d4ecbc7801ff594.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/d55009689eb39b7a1d4ecbc7801ff594.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d55009689eb39b7a1d4ecbc7801ff594
d19bc659d545e36ad086dbe18db0416765f43e7f
4afecbf20dfd86b12cd6a4e9be08b6e0c915d7189bad94ab10ca948ba8227a8b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/d55009689eb39b7a1d4ecbc7801ff594.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 16352
x-amz-id-2: 4VhTN+kTD+2yOPDA+CVCGyiJBFDQnCP6dheCkICLRtt+sDFDjwAJ4Pis4NqiseSPdkAcOLvEmSSmTkPH5XSxEQ==
x-amz-request-id: A0QD06MQRKTA5W58
last-modified: Tue, 13 Aug 2019 15:13:39 GMT
etag: "d55009689eb39b7a1d4ecbc7801ff594"
x-amz-version-id: Ipw7c9jol4xCUKFUIdC6K8YzarfZ2iNP
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png
178.253.14.166 200 OK 20 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 97b2806ac7b36e55677f0160e9874173
7ff9b27d1b07f84e5f3c76bffc3b75d67edd326a
a43e120f28ed038c7a5325de2021da2ba5262dfe89973475e99538e6badeedfa
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 19917
x-amz-id-2: lNLbydfV7PX8v+wExrTZpGO5xrOfSSeEV9myv7i05TCOrAWdupczAOwv443mIYjtOewhV+KvxUkcNRnyLcJUiA==
x-amz-request-id: A0QAT9XREMXD1SKT
last-modified: Tue, 03 May 2022 12:15:51 GMT
etag: "97b2806ac7b36e55677f0160e9874173"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/14785.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/14785.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 87cbc41028fdfff29206a9195c2dacd0
1722342f5fca0a8ceb719c98cf342aae21d13fa7
0cf076d9c50ca35eb48193867cf58dd0dc149f919b47d3fe2b1c7feeb173b0a7
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/14785.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 10088
x-amz-id-2: qSXQIWmEuq2ZzvJ9DK2EPiJRdro/+zmEok8DhbHZugWHyf/JXACoEZpW9JxCAj13UMOgofBGjBTVzE7/GT5KVw==
x-amz-request-id: A0Q3Y1X09FY88615
last-modified: Tue, 13 Aug 2019 14:54:04 GMT
etag: "87cbc41028fdfff29206a9195c2dacd0"
x-amz-version-id: 0yBEDkg9uwZxPfMahKXoXSjGSaX.wFTA
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/06a93b1ec64360deb82afee493b226b1.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/06a93b1ec64360deb82afee493b226b1.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 61ca74abdc7f61e3b04eb01793a5cb0e
e77654400223ef92146447af850d1fdcec0bf32a
9721f41003d4c6bf04ccd9bb625c6790ef80d80259c3753960e8e85728aa4fc7
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/06a93b1ec64360deb82afee493b226b1.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 19175
x-amz-id-2: rBdT6vQas/lrQI0VsOx59p1yQMrLBXzrOJY89ZKUP5F+/dxUifQG93izQnPCYPsBYffIJdFazWOfM7BXS3f+0g==
x-amz-request-id: A0QENTRBJ5J9B3H9
last-modified: Tue, 13 Sep 2022 18:34:30 GMT
etag: "61ca74abdc7f61e3b04eb01793a5cb0e"
x-amz-version-id: RtCM0EAvMiwgyZ3UZ3cPGN1jEovs5f4a
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/d2bef9413339b3b0658fdf2bdfdc3044.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/d2bef9413339b3b0658fdf2bdfdc3044.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d2bef9413339b3b0658fdf2bdfdc3044
74a10d2ba1e64d30f4afb1b7fed10a03487f90dd
7e9017be16582a4b50032fa03305191be23d0a0931fcb6ab408b711e35ad47fa
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/d2bef9413339b3b0658fdf2bdfdc3044.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 14339
x-amz-id-2: 2K5io0thvNjjOEHNY20R2zDa52+u3EhowX9lhPuB9YQFictPutWRimsOIy29K5YkGVDN+4bWoeEkFAT/d9XeCQ==
x-amz-request-id: A0QA5HZDYM987PVK
last-modified: Tue, 13 Aug 2019 15:13:38 GMT
etag: "d2bef9413339b3b0658fdf2bdfdc3044"
x-amz-version-id: RN5UaaiTcGCo_6rd0Ms9kFPrwUD58vw6
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/75a04c5abb301851420e6282f6efc966.png
178.253.14.166 200 OK 6.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/75a04c5abb301851420e6282f6efc966.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 75a04c5abb301851420e6282f6efc966
d82a1cc2047ecb1177bcb6cf255c34b84f462d57
15d052e4b48374d649d7d1d026bb6cf955a421c02f29758c968c251616dd12e2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/75a04c5abb301851420e6282f6efc966.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 6343
x-amz-id-2: dD8QrYDosLLLNRj7GPPg6z31O8tIZIt2J2XdRdQr9a1Rn4r7M+ZRzViRuH2hF9WBJPzxuN4bWPRfHrkcYj3sNQ==
x-amz-request-id: A0Q7WHWD547KKS0M
last-modified: Tue, 10 Dec 2019 18:01:56 GMT
etag: "75a04c5abb301851420e6282f6efc966"
x-amz-version-id: hjFNkTjG8K9bciWGw7MTDdU4bvpzJf7P
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/34263.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/34263.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 98f43f7f7d29154eaf5b19b500393953
9f1ddd60ea4e1c16e364b272b61d6b58c06ab511
a0e1acb670a0a9fc81267bb24f3a352574da7b17f545e12d382d69916608ad03
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/34263.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 12721
x-amz-id-2: Vwff+iALHzJeWHS4i50CKHJe5mtuZmZAyCnS0LEecAT0GV59+JZzJcjKrzGe+85baWmKxeu3RylhxN/SUQcoWA==
x-amz-request-id: A0Q7MGC5JRZCRZB9
last-modified: Tue, 13 Aug 2019 15:04:45 GMT
etag: "98f43f7f7d29154eaf5b19b500393953"
x-amz-version-id: cL19WqeO70rm4lRdqDWvpzmnLuk7_IK1
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/e90abdc9ef6f260473e718f8b1689f6d.png
178.253.14.166 200 OK 17 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/e90abdc9ef6f260473e718f8b1689f6d.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 5787c0b9a9346a696486ba411b6cef4c
964b4e18ad3122f0042e5439432815544abb65fd
4e09e24aec025d92c015084a2d5548a5ce9d31db0cfe81e1339638eeace6f2f1
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/e90abdc9ef6f260473e718f8b1689f6d.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 16922
x-amz-id-2: mcAWoOJWGka0Xn4SDPURF9LFSUUobUZVURPzkRkh1RQh4yE/6JSqbMvyRDbPtSp34bguSx/SkpJ054PuvFipQg==
x-amz-request-id: A0QFSHGTD1SACVVG
last-modified: Wed, 14 Sep 2022 11:36:01 GMT
etag: "5787c0b9a9346a696486ba411b6cef4c"
x-amz-version-id: rLGw5_DPt_1B9AKWRWNJwN1zlEATt1x4
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12d63d5ec829b4c15a0605ca09f68174.png
178.253.14.166 200 OK 9.6 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12d63d5ec829b4c15a0605ca09f68174.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 12d63d5ec829b4c15a0605ca09f68174
a9b1fc438e8060a8701168f75725103387911f48
1ef8f22cad997b25134c00153c25c8400e1890794b2ac042fbcaf4017667e64a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12d63d5ec829b4c15a0605ca09f68174.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 9636
x-amz-id-2: 6GX1/sCfXEAOcwD9Qa81TfIZ45s5dtm2w2zl0iRIsdYv0MpIp2k/MxbxMkeG+3lLVgeZXV6eMkkCWaSD9CFUuA==
x-amz-request-id: A0QARCY967CH8J53
last-modified: Sat, 02 Nov 2019 06:28:01 GMT
etag: "12d63d5ec829b4c15a0605ca09f68174"
x-amz-version-id: NGukfOeqhQj9ZFWdN_k4cryMlh5BTNu2
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/84ede94102ed8daa160e7e0670084264.png
178.253.14.166 200 OK 7.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/84ede94102ed8daa160e7e0670084264.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 84ede94102ed8daa160e7e0670084264
0eec2b70bdcd149710d8da02f7b61c50320afc58
bcfa76e609452bb655a31c34e143c7715490ae9d743340cc43385682eaeb6981
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/84ede94102ed8daa160e7e0670084264.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 7244
x-amz-id-2: 2W9wZ3ODAvJYyzXww767HQroMkK58xWzCdeLR668aNLX5X8OxbhjMl7P9/yT1X4iUb3wVtQhn86QT+K+KAFdMw==
x-amz-request-id: A0QC2T7WZGRKPM3F
last-modified: Tue, 15 Oct 2019 13:25:19 GMT
etag: "84ede94102ed8daa160e7e0670084264"
x-amz-version-id: qOcOM1dfW3zlVQLWMjqdiRZFSHKPmcd_
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/9c84ebd33931cf01e87ab57ce8273372.png
178.253.14.166 200 OK 4.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/9c84ebd33931cf01e87ab57ce8273372.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 8f58aa7c75b65ad276cccc7a4b780494
1e5386b4066a3ce2a54b333053e20d8c6e4dd3ad
876f220805c65fd318c1b0e4658b0f17af752c1214a2bed7275533508ea1ba6a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/9c84ebd33931cf01e87ab57ce8273372.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 4126
x-amz-id-2: 6w5IwLDwc+6xJTaqRpCCdsoV6yR629wF/i0sG4LilMWDRl6wGAVf7L0BCUi2qT/1/INC3Jqi/faeXyRoPvATVQ==
x-amz-request-id: 01A0033931W6DS5Z
last-modified: Thu, 12 May 2022 18:39:48 GMT
etag: "8f58aa7c75b65ad276cccc7a4b780494"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/162523.png
178.253.14.166 200 OK 6.6 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/162523.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 720f63a371d665f5ec8b0616cff6be22
2da628ab4a00392e6c62dc12fd6e5dd7295cad2d
168426426ffaae8a031aa4380f910fed6e47c1f0ceacb2c322f9c0be840bfaaa
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/162523.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 6556
x-amz-id-2: ++tPHA4gvx+V7EY4maz8XlASM6IF6U91JD4oO28Rk5dx/6py6ZhfmX9XsPTSXhZeA5jzJf8ucxykpdoeJ8CG4Q==
x-amz-request-id: 01A7S4T14DZ5E0NN
last-modified: Tue, 13 Aug 2019 14:54:54 GMT
etag: "720f63a371d665f5ec8b0616cff6be22"
x-amz-version-id: sfYiXYm7FpvJre_YjAjh.kdn94XEqrjq
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4c734f2a3991b3b2c55907ee8c0d98d7.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4c734f2a3991b3b2c55907ee8c0d98d7.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c734f2a3991b3b2c55907ee8c0d98d7
f1f9dee0c6e79a7268d79f5c239a9da1838e963b
1d242ccd456adb5bbc7085fa3c3d828e28797f5f3ffe7bc58767c2326428b81d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4c734f2a3991b3b2c55907ee8c0d98d7.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 11028
x-amz-id-2: hkQBWJBXN5Ue1ZGOg+bdLMrp+Sw4bSCJZVYFnHuGdL5W1N/MP96wftQYIZsYCvsUWItAqITAwCE/2O0ONO50sQ==
x-amz-request-id: 01ACMMBE50X0978H
last-modified: Tue, 17 Dec 2019 09:00:58 GMT
etag: "4c734f2a3991b3b2c55907ee8c0d98d7"
x-amz-version-id: KYSGPUpXQqxov4f8TkRwzqipsjP91AMI
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/0884beced57ec708dd5ad6692c463cfd.png
178.253.14.166 200 OK 9.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/0884beced57ec708dd5ad6692c463cfd.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b3365fc6314c4f75300abe857b6af7f4
5548ae4ef025f2ed88dcda117141a9976c933b64
14bdf161346235442dc6720097d897e96996e165b803acc0296e95a012023382
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/0884beced57ec708dd5ad6692c463cfd.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 9061
x-amz-id-2: nP6EcNwOp47rkYAegYtuTPvGh478o24Xv2JupjYNEP6WhkK/HMuacHmynu5JWKX2innEsAKf7w4MXD6V9Ex06Q==
x-amz-request-id: 01A10S85PTMYWWF6
last-modified: Sun, 31 Oct 2021 12:11:28 GMT
etag: "b3365fc6314c4f75300abe857b6af7f4"
x-amz-version-id: exWNgkYtKDG.2JilGqVizq9DcHt29pt8
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/dd3cd2df6511456e20a1f6a761ae58f4.png
178.253.14.166 200 OK 4.7 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/dd3cd2df6511456e20a1f6a761ae58f4.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash dd3cd2df6511456e20a1f6a761ae58f4
199de91515bf71258cb264db42e7eccc3e3d9778
eb02aad75f4f5754b95d77574b7efc8685120a2df150db0f5989e924b27340e5
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/dd3cd2df6511456e20a1f6a761ae58f4.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 4745
x-amz-id-2: tuKhj0IRpVtO0u89P7tEC/36zAIqMi1imfMMHx3Fw9n4FPXfnkjFODhcf2dd/NjdqxgfQgGBM8QtAt1XgwQ8uw==
x-amz-request-id: 01A6NMZRAA8R0J8Q
last-modified: Sat, 14 Dec 2019 10:52:37 GMT
etag: "dd3cd2df6511456e20a1f6a761ae58f4"
x-amz-version-id: zqCOnTtDGeJAutTlEdaCPz8uMWnhCw7J
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png
178.253.14.166 200 OK 20 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 97b2806ac7b36e55677f0160e9874173
7ff9b27d1b07f84e5f3c76bffc3b75d67edd326a
a43e120f28ed038c7a5325de2021da2ba5262dfe89973475e99538e6badeedfa
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/c223517fcf9c5dab03747c3e0d78c581.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 19917
x-amz-id-2: J766W2qdAlhMta3W5gOqFBGzVUNilk6MBt5UAuFRp8/ZeyOL24bGvi87FsEP7wAESaEeyC49QlKS1FyY8dizAQ==
x-amz-request-id: 01A9G80RP4WD2AB9
last-modified: Tue, 03 May 2022 12:14:47 GMT
etag: "97b2806ac7b36e55677f0160e9874173"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/13189.png
178.253.14.166 200 OK 8.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/13189.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ca1cee37350b938de1cea205ea2afc80
baaaf9d36a816544e76091ea4972d95a8085bf37
0a33309960f474e15d06b11b42748edaadb050c6eaa0082e3c198e2db5558074
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/13189.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 8473
x-amz-id-2: cyVJIz3mIqnu5z/g+iirOQ4M7mVW4jrOs6fP+U/bPWmLwJHzQnrpdtdFxdNnMTfbgHYYUTNhhON2ffh8SXX4hg==
x-amz-request-id: 01ADKBVCVBZNGWRK
last-modified: Tue, 13 Aug 2019 14:52:59 GMT
etag: "ca1cee37350b938de1cea205ea2afc80"
x-amz-version-id: DFA67Gxap.29i5.OipceI.ZQUnbC2bd1
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 67b32fa4c7b3f0465ab74d987e5b370f
ee105f0e4fc2305d6bb3befff140634bb4c0fc4c
b7e6adef1e32937122a63ceb3cfc85beff4729b0f75c18f510f4e72fa8a349e4
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5babdac793c016d303db8c90fa6925f5.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 11883
x-amz-id-2: Z3/GxyS9lAagq5PRKWP1yBUZdjOMgutbYgEjnA4a9WpWjNO2p/Kse6l8+DaiWJkc+Wn9YPcu8QxXiapfQOEz9Q==
x-amz-request-id: 01A82NG7CJER90GK
last-modified: Fri, 01 May 2020 14:24:22 GMT
etag: "67b32fa4c7b3f0465ab74d987e5b370f"
x-amz-version-id: I8TmmM1q4YHb6EMkH2z_qUgnw6k_Vuco
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12601.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12601.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cf0f619dd7329e71629341b471df0d70
22ea5772d8aa07884ec1ac1f2e24766392b07a6f
0725586b42b307c9d910d342414285b71df9391009d650b4302613323f73f6e4
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12601.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 10248
x-amz-id-2: sSvyPxWwhhlcF3TxUHmY8tdLfh/JL/Fsp23l/w+GOzxnINpUIvMGkkXSFdR76h2EYJRFuek/zAbDwL3U8pO4Ow==
x-amz-request-id: 01A0KJ23FQP9E1DP
last-modified: Tue, 13 Aug 2019 14:52:37 GMT
etag: "cf0f619dd7329e71629341b471df0d70"
x-amz-version-id: bH4DUdwtrpD0R2GZ1NhSnA1AxTpq7U7R
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12759.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12759.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e9c33ff3cb0f246e67cd0ce669b6c153
93ffc0086a3bbcc577302ca0ed16b4a305018ee7
268bb3752bc873f4a26c4c13380b8ed2bab575ecffe2525385171dae177956ed
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12759.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 12817
x-amz-id-2: IMAtU5T/qgjY1k0tZegzJJmr9RHPCdLTyzupx1OxTBngHVaxCLQlyqxOqXNFJxbyKl2ntZXFPUlxo4shc8qupA==
x-amz-request-id: 01A9S32XW9KGQKRE
last-modified: Tue, 13 Aug 2019 14:52:42 GMT
etag: "e9c33ff3cb0f246e67cd0ce669b6c153"
x-amz-version-id: pJWehdpggqBOeIKGR0FMKXUgNQv.lqnN
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/defaultlogo.png
178.253.14.166 200 OK 2.7 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/defaultlogo.png
IP 178.253.14.166:0
File type PNG image data, 55 x 54, 8-bit/color RGBA, non-interlaced\012- data
Hash 72c91e676105dc1628e8a636554bfcfd
c0162ae779e4000be14b99e96981ff309a41b0ee
d10053f91feb4cd1a54f46fdcb8eb5193e4396a09e6341458edcf2f38ada718b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/defaultlogo.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 2713
x-amz-id-2: L9W/k1motTIq9crp64dBdOqvj5ljucJ1xddDXBxLsDKnPlB754TM78ZytgDlZa1TzCMc8S8WafZvd1hsL7w05w==
x-amz-request-id: 01AFCR25V8ZZV77J
last-modified: Tue, 13 Aug 2019 15:13:43 GMT
etag: "72c91e676105dc1628e8a636554bfcfd"
x-amz-version-id: ygHOXyYx_9gTcW50FeqErA8BsSDNEhuz
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png
178.253.14.166 200 OK 9.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 5485d3d456c67692f232d09ee2b7174e
fc044ce84c6c35519b35d2ddffafacfef03b77d3
039e59f716be6ff54f92df46ecdf8612b5a57414645a3127566dca04d2a7f045
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/b258474167af382a206b7dcea58a6ca4.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 9272
x-amz-id-2: UN5OCu6t4auqI73TRN0ImRFNdBgk4J9EmqZakb5cydYDIiwGGG06nZqmjKT3o6fg+eckU50CxzcgWRfCrmPzWQ==
x-amz-request-id: 01A2H44H5M8M004G
last-modified: Sun, 20 Dec 2020 20:37:10 GMT
etag: "5485d3d456c67692f232d09ee2b7174e"
x-amz-version-id: vCvUyrafL3Jc9uiN4uH_3QHQwiQNqehQ
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4498.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4498.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash eb37238a6dbf2020fbb70524ba9f715b
7539c57d4b8ee88d900b79a5a0ec84022911c0c1
5cfcbc6eefb356bf897ec73e9528656e234bb525ce1fd5f56a480d1eab2ec6f2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4498.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 13143
x-amz-id-2: 0FEHG4yH8ew7RjiyWRBbL70Wu5OA0xCtACZo74ceWUckFv0O0I/dn+vH0v1lLlz1rTAFCqRBtKtXD380FGwV4w==
x-amz-request-id: WV9S88SPSFB40W7Y
last-modified: Tue, 13 Aug 2019 15:06:35 GMT
etag: "eb37238a6dbf2020fbb70524ba9f715b"
x-amz-version-id: 3itmjxQ.63FcDRUvVqWQCrA4Ii3VkoUV
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 45871f2cb4156b1689a46a438dc000ad
ca1c5ee172108bb6c5f3adc4d102c8cab803e4a8
4172f9ea650b24727dbae42c1675f44527651647a8a12262f1f835ab9fbdde60
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/baf4e51de8fcc71567bab023c955cf7a.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 14409
x-amz-id-2: 8/WKFIqY8+2SdA7GwMdTkAjsYyVWNbTILOuLDZqIEp7f5/9IuC25CdVPc1oYYU39Q0GI1T88xuxjtEOhBxa3iA==
x-amz-request-id: XKXM7Z0DPVEDD80N
last-modified: Thu, 13 Oct 2022 12:40:42 GMT
etag: "45871f2cb4156b1689a46a438dc000ad"
x-amz-version-id: _mtpoqV8pKUujlkPreiED6tPZkTvWyvZ
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/4496.png
178.253.14.166 200 OK 9.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/4496.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b2e5cca786c945ac7f3c5583f74b177f
48d1835f189398c33d0c3a944366db9d3f9ca35f
a05482a22d4cbd7cb4a6caed9cba9187cc4fc0da7fe79897cab16800d39b7f45
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/4496.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 9185
x-amz-id-2: Rg/w0U9ZyJiKRo1dH/C+xf1q/UTexEPeACFAu6LhGkqVFaYUpho9JjoAo1HkTJ100T+DLq0Nq1fwOhNVbYWHbA==
x-amz-request-id: XKXQDGQN2C7M9RQ6
last-modified: Tue, 13 Aug 2019 15:06:35 GMT
etag: "b2e5cca786c945ac7f3c5583f74b177f"
x-amz-version-id: WNSAs9pSINesbs2x9dxJLs5pg8B.NQ6k
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/2004.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/2004.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2035a825e77f7f315449070415e9fb5d
41c9b42db39041c47be8fa43ae35607ef376b3b6
f83dc4adbfbd6228bcf4a25916064acbb61ee83fe976bbec492f3c05e88c1aea
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/2004.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 10717
x-amz-id-2: wm4PJMfWPy4fqTMF0kve9tDV2skup9NDKisIrqshG1OHdaeT8w/0ircO9w5T24/TpnSj8i7pQsWsezE65f0EzA==
x-amz-request-id: WV9HW3VMAD0GXQ0D
last-modified: Tue, 13 Aug 2019 14:57:51 GMT
etag: "2035a825e77f7f315449070415e9fb5d"
x-amz-version-id: Tad3e3NR5CYVudhdRnSlijJl1jBqVvCu
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png
178.253.14.166 200 OK 9.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash f3d5883dabf21f44915373f76e66baae
11082e17e50b8d075bee400630901c195f7da70f
2ccdf946a70c73052c2290df10c4969d29363145b5f0e852371a89a4ab309cfc
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/e65f1e0866170fc8fa00fe6d07ff2411.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png, image/jpeg
content-length: 9895
x-amz-id-2: e3cIeZhuKm9KQSkPizm7QIh5sgltlcDEnOW+p90z0XsPn4WfLLp0N1MGbpmjwEDN0VD8xYp5yCGj6dCBidTCqw==
x-amz-request-id: WV9NJAJJ9Y2J6SJS
last-modified: Mon, 23 Mar 2020 12:02:26 GMT
etag: "f3d5883dabf21f44915373f76e66baae"
x-amz-version-id: KA37Uu4RWjKftITCI3HWFtvVtmXtQ5RQ
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 8e8d3577f29263c4b081ec72664f025d
a062e14205c3f2146841d775b7da1c7b2d4fd9a7
59859bc14a8eee9cebc0affbb857e5757b7e962b9ffef3c7c8e21912aa825f86
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8e8d3577f29263c4b081ec72664f025d.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 12048
x-amz-id-2: /tKwQSbKLzK1CDTcuwuoNCksTUhdCr6Erl88mNWig4+EAD4wL+uj3SLaa4lZYDLRigF/x/abNWj7Z3lrUNXwLA==
x-amz-request-id: WV9G09N79W2YGDJN
last-modified: Tue, 13 Aug 2019 15:12:29 GMT
etag: "8e8d3577f29263c4b081ec72664f025d"
x-amz-version-id: KGBCve1kQP0llmq9x5fOINficAfv2QrL
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/1534941.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/1534941.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 022b48206fce7e8605554cd522342b56
9cd144b6f28d9fe5a199551e2aa398305573c1f7
6280d60a41eb60b47216f863b5e22553ec8664554f5218464fe100b719760307
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/1534941.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 14032
x-amz-id-2: 76hQYHBOOavfdW3CufWmQCJNy3In830dbyiw264dV9fRyZQBZSC1Choi9uJVyeK+9TqiYHRlQ8Qe6D/Q2dCa/w==
x-amz-request-id: WV9RXK6KMM85KRX9
last-modified: Tue, 13 Aug 2019 14:54:24 GMT
etag: "022b48206fce7e8605554cd522342b56"
x-amz-version-id: srEB3jTXomduaDbcWqQbJsRZb7AZ1r5j
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3516.png
178.253.14.166 200 OK 7.5 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3516.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 04a468b469dd980b8b7fc95f9d4829a9
3d7441884885973443110d5f8350796866873b7a
6f33506581fbcafc0bf02d08bce17fe3e08c6d05965c989d3b9288410fec2768
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3516.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 7464
x-amz-id-2: MJrA5+/vSx1cDKSojgo0Se8VmDSpcm3KCu4Ag7r2f6ojF0r8d/8ITY967ciI2Ae3Biom1eCijauv6/SgU9Nv2w==
x-amz-request-id: WV9YMWGD0WG1592Y
last-modified: Tue, 13 Aug 2019 15:04:56 GMT
etag: "04a468b469dd980b8b7fc95f9d4829a9"
x-amz-version-id: rnEnSGtrYqLXujLVmNIeGbjsUzkTqQLD
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11869.png
178.253.14.166 200 OK 6.6 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11869.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6f5f565bceba098ef06b6dc95dda47f8
6fcea9353aa1b914b5df1cd6e278ebc08766db9b
798409a983560cc962f6954d0dbbfb9ead2f68e53719d785afe9b9b2d90c12c0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11869.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 6578
x-amz-id-2: 9hm1m7odvkSuBdTJOfdUSWYjVMr3vJTHCGi7l6l7C4Z4Sx16lUBDCB1+zJzpnhCmjgN5C5pY2RZdSUdHrMulyQ==
x-amz-request-id: WV9MW00CQG9KJTVS
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "6f5f565bceba098ef06b6dc95dda47f8"
x-amz-version-id: kmwx8UFGtLWdV0Fo7ClsA94RB.Eob87D
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11847.png
178.253.14.166 200 OK 4.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11847.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cdb663bb634488b4fc94d575fde2ed57
c4e74a35177b8390d8462079d9d907b3663cce7f
f2482d8a48a84b3f81751234540289704e60a8f60de2e945fb46c72a75979477
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11847.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 4922
x-amz-id-2: WAqngjtMij0Ued7cimfQoATT8cfH6WlFjtOla+CeIZUjSuVP69jel/v7r/yCzNcIL2wCaUjIQIyI4kCIa3QKpw==
x-amz-request-id: WV9XWMFWNAHN7T9M
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "cdb663bb634488b4fc94d575fde2ed57"
x-amz-version-id: Vl9uO5HSh5ELbrASIKHZgPuIh0xUdHSs
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3492.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3492.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e7a20e3b98c8d56f42ffca973bb32401
8cd71d473c55f85af7c82d47c1b28ff9b49b8fca
57f19e44e00b2c5df991b5db1953dd2655559a91c9a3ca9dcc9598eba9e7e4ff
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3492.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 12873
x-amz-id-2: VKOWI+m8Dgt/0FhkSzlQCmTGTafNvSzGCa/EoBBhBE2BEJkwjPYOFr1Hmp1tKr1TqtltF+6RkCSw1tLum3DdHQ==
x-amz-request-id: WV9P48PNQPMEG1EA
last-modified: Tue, 13 Aug 2019 15:04:53 GMT
etag: "e7a20e3b98c8d56f42ffca973bb32401"
x-amz-version-id: sYDQq_D04C4E_JXGR6NCLbio2VOnTjdf
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/33421.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/33421.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 2d8f1289246627583edd18ab6f409e47
00b8cd65e503158a9246b718222a259eaa0267d2
8102d15f631d817da05e9767e384cb29ee44d79f9582742b51966c4b88a8fb3b
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/33421.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 10981
x-amz-id-2: kqbKnwbxgaSRWJAFygRqf+wQSzmVwH5IoIw80GgeJXNDLtBO+Ty2Y9QpwbU7PN2uD8V+nbPUaZExaQYuyV9sYw==
x-amz-request-id: WV9G838GF3V3WXS0
last-modified: Tue, 13 Aug 2019 15:04:36 GMT
etag: "2d8f1289246627583edd18ab6f409e47"
x-amz-version-id: vsbJ3RTmuBgIXRcRBczfGdO5sA3az.kd
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/11863.png
178.253.14.166 200 OK 18 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/11863.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c34435ae849a7dc1751080f135901449
5df948ed267f9db3f4b5502a0f95218d1b17f1ae
7567a31a51ecd340de58489530e8a64caad07f0104aedec4f2305ae961c25111
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/11863.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: image/png
content-length: 18134
x-amz-id-2: lB/QS+bd9c9V5Rwz4Pi2weT4TXp4XmmuHzvelGF43gW/6dUjVVZ7/kAp4kSnC8d+vv4tqHSSU+3TltKccCfsXw==
x-amz-request-id: WV9K9BMECT37FBWS
last-modified: Tue, 13 Aug 2019 14:52:14 GMT
etag: "c34435ae849a7dc1751080f135901449"
x-amz-version-id: KVDkuACZdhy6y40eD9XCHkHI9xisglWi
expires: Sun, 04 Dec 2022 11:12:02 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/9b8abd5c.css
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/9b8abd5c.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (6523), with no line terminators
Hash 4f5e039c3fca8784e758f52f65a571c2
3819b34cdc360e27cf360deab04f1e0762482610
33712de5b3ae67ccebbe547fcbb6ba6a8ea399d35e9994142abc7ef7d5cdc502
GET /_nuxt/desktop/default/css/9b8abd5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 1111
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-457"
expires: Sun, 04 Dec 2022 08:29:12 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9771
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/4b3b02e4.modern.js
8.254.252.212 200 OK 8.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/4b3b02e4.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (35397), with no line terminators
Hash cd490d3c8bb2bcc71aee69710735cd40
76d4fad06e341911bf5942bb8c312384b105b8de
b60d9c35195d6ea7535afcd759f44b52ac0a14352568cdb6c93d798e500acded
GET /_nuxt/desktop/default/4b3b02e4.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 8438
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-20f6"
expires: Sat, 03 Dec 2022 21:38:01 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2c231180.css
8.254.252.212 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/2c231180.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (4693), with no line terminators
Hash e2dd8ba86790ec6ee2d17db0378a4a0d
abc56372e11001323446f6c4e497fba43ae0313d
6889ee03cfee10d2c23b60c3277274c40e04c78d4b3401434aee6ca50cf11965
GET /_nuxt/desktop/default/css/2c231180.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 1205
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-4b5"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9770
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/27194e15.modern.js
8.254.252.212 200 OK 4.7 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/27194e15.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (16540), with no line terminators
Hash fe3b2ccf6792a07cfd1fe163eca6679b
2d7df5c3a76cb40df70ea916e8175f3e3ff6ee05
3d81396382145bd02d525c5e889ff2b1c66096379ef23ffd77c225abe7dfb74c
GET /_nuxt/desktop/default/27194e15.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 4731
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-127b"
expires: Sat, 03 Dec 2022 21:38:20 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c42ea890.css
8.254.252.212 200 OK 1.0 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c42ea890.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (4394), with no line terminators
Hash 4a4d7eee11d2390f419b8718f928d10c
a4b3f529651602ae1156404a329917406dde3bd9
79a2e48343abaedca2867da8ef45610e41ae517ce2b2376037aafc21a7ae040c
GET /_nuxt/desktop/default/css/c42ea890.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 1004
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f3-3ec"
expires: Sat, 03 Dec 2022 13:38:03 GMT
last-modified: Fri, 02 Dec 2022 07:27:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 77651
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/14f509f8.modern.js
8.254.252.212 200 OK 5.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/14f509f8.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (17989), with no line terminators
Hash 660a06fd0ab25a872182e37207c5859e
015b1e9f67ebe3db151e1c34f5c10e5c736fedea
aa5d7c483b1ccf732f58f6b7d8719b46a20d4072e033738b25dd6208cbd4eb40
GET /_nuxt/desktop/default/14f509f8.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 5574
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-15c6"
expires: Sat, 03 Dec 2022 21:38:48 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/bd52bd99.css
8.254.252.212 200 OK 869 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/bd52bd99.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (3419), with no line terminators
Hash 8802fad000749cd92762f672c89d357d
761043d4bcc6d825128385e3c28b2abfadff9b69
a25ca7008fe67ee25dfc3d77275c12793358b3b6126a44d6778dfa7f8ec13d2f
GET /_nuxt/desktop/default/css/bd52bd99.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 869
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-365"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9769
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/79414b12.modern.js
8.254.252.212 200 OK 7.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/79414b12.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (27019), with no line terminators
Hash 35823b84ed69d2ffcd549eb49b278660
f84da9576c4049512f1c828c83f7173d9abe0c73
70a5294be01c263f48b659c156ba05fa51097d0e31ca1856046984d8592d5258
GET /_nuxt/desktop/default/79414b12.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 7249
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-1c51"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/7ac812ef.css
8.254.252.212 200 OK 1.2 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/7ac812ef.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (5224), with no line terminators
Hash f00b03e099a232bc5f08fcb1042ae13d
51fa0abddb8ccd8806efcf1872db16a46defd6c4
4a23a179f01d554e11064d32419cfb999b7529f83ca213bba8eda7c55011bb76
GET /_nuxt/desktop/default/css/7ac812ef.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 1232
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-4d0"
expires: Sun, 04 Dec 2022 08:29:18 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9767
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/36c9343a.css
8.254.252.212 200 OK 912 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/36c9343a.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (3693), with no line terminators
Hash 1b7cc7024ef238173e96baf5dc448d32
a082b995c9ff91d8329b69f7f6fd917470b131d8
8eb90f00e3a2beefd31f5df844497b4e60988655f68946d865251c7feff4b778
GET /_nuxt/desktop/default/css/36c9343a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 912
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-390"
expires: Sun, 04 Dec 2022 08:29:27 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9757
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/d9c7b704.modern.js
8.254.252.212 200 OK 11 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/d9c7b704.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (40008), with no line terminators
Hash 32d575d6db8c28d2652e33a4d5659d95
bbb8fa13574947bfe5b4bd2033f68029d77fe9ca
8b1e4643ace7110eb7ee5df74d37af0e69ba3cd47b429e1a53e775efca5b8cda
GET /_nuxt/desktop/default/d9c7b704.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 10723
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-29e3"
expires: Sat, 03 Dec 2022 21:39:03 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/9ecbbc89.modern.js
8.254.252.212 200 OK 17 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/9ecbbc89.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (41008), with NEL line terminators
Hash c7059ba25931abab08e0f4f9dd191e96
97dcbbd4701ae7c292e2c99d3c49d0baf71b979a
f11d846f156c06957ba0ad491aaf8ac495a13fb25b6d43a62bd81edb24afffb7
GET /_nuxt/desktop/default/9ecbbc89.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 16805
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-41a5"
expires: Sat, 03 Dec 2022 21:38:00 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.254.252.212 200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 3ef2b8ba6a3526a39954a0a10aba35b7
048a604c003e56843f7223d68486a13f7bc02943
f75cfb56d6719c69a3999875215398d444a8a5c73d5000098198c6452acbb80b
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-1c6"
expires: Sun, 04 Dec 2022 08:29:13 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9769
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/88c23522.modern.js
8.254.252.212 200 OK 3.9 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/88c23522.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (17802), with no line terminators
Hash 36b3b62c1430470b288c527d538d5035
ef564c48bc363ed4db80f4e13bc95a4446eadef0
afe41cb99d8bdfd8e4d8ad554854a0ae68191305a56ae47c3116fbe951080775
GET /_nuxt/desktop/default/88c23522.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 3904
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-f40"
expires: Sat, 03 Dec 2022 21:38:09 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b0e615fc.css
8.254.252.212 200 OK 2.0 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b0e615fc.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (18717), with no line terminators
Hash c7e379c6dd6ad0cea02bbd481745213e
2e29ba4e194ce2a75d0040f9cae47aa1c1093ce8
e6458342af05bbfd3a550bc95e4e1a28805a497c4805eeb92f5fc2ad9d16a768
GET /_nuxt/desktop/default/css/b0e615fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 1999
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-7cf"
expires: Sun, 04 Dec 2022 08:29:18 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9767
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/24b85293.modern.js
8.254.252.212 200 OK 879 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/24b85293.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (3162), with no line terminators
Hash ec1512326c91dacf9f8b44aa233bbc58
b62391d7da29e4bf2cb993407275562652baf775
662c452ac9eaa230611c0774b4cc3c9a089c2279c41e72bf37ce19a0e4071a00
GET /_nuxt/desktop/default/24b85293.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 879
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-36f"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/17f2a34f.css
8.254.252.212 200 OK 3.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/17f2a34f.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (21596), with no line terminators
Hash 0841c54eacc0863802d73b3c0772bc5f
eb7d893ef1032beeef9e61028a8603fd53a2f04e
cddb70033b8f6d204de3fd9373c908c5d67bec1484e238a7aeee8ea18eb245d7
GET /_nuxt/desktop/default/css/17f2a34f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 3810
cache-control: max-age=86400
content-encoding: gzip
etag: "6389a8f3-ee2"
expires: Sat, 03 Dec 2022 11:38:06 GMT
last-modified: Fri, 02 Dec 2022 07:27:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 84840
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/d35090cc.modern.js
8.254.252.212 200 OK 1.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/d35090cc.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (4822), with no line terminators
Hash a6333531a7f0b6150bddc6f2ae24a19a
feb02665cf3780a4908d62c7c0502536e861aa66
d8ef3e75416a07f637fc72af6549e7bb9966f04a4f5fbedad145ca3705efaa6b
GET /_nuxt/desktop/default/d35090cc.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 1810
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-712"
expires: Sat, 03 Dec 2022 21:38:34 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/cefdc903.css
8.254.252.212 200 OK 508 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/cefdc903.css
IP 8.254.252.212:0
File type ASCII text, with very long lines (1570), with no line terminators
Hash 407282b72b766ff8bb504e6c6111c2f2
2f187937e2a5b0b8876b2815b77b2389d5b62a98
0571d1ff3828485f8d28670419fb8e7cea41d0c55396d07d5d22997cfbe3abb0
GET /_nuxt/desktop/default/css/cefdc903.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: text/css
content-length: 508
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-1fc"
expires: Sun, 04 Dec 2022 08:29:27 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 9757
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/6816f815.modern.js
8.254.252.212 200 OK 14 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/6816f815.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash 51adfb86ab8c00c2b97cfb190d76e01f
63f973a21ef912f04768dc52e522f2c1000e5958
1ef821e9d29ebfe811ccad3069e896ec7e4fb5de777db8a7cafbf756708c6b33
GET /_nuxt/desktop/default/6816f815.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 13454
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-348e"
expires: Sat, 03 Dec 2022 21:38:51 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/fef63bc3.modern.js
8.254.252.212 200 OK 330 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/fef63bc3.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (397), with no line terminators
Hash 7c8969aa8fa77c71341607e3751088a9
00d5a6606f36487851cef92082acbf6476b12cbf
f12ce251827d7cd21bba6a99469f61538bb9ab6e68d2429b04f9df52560c9e96
GET /_nuxt/desktop/default/fef63bc3.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:02 GMT
content-type: application/javascript; charset=utf-8
content-length: 330
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-14a"
expires: Sat, 03 Dec 2022 21:38:51 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48846
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.227 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 08:09:46 GMT
expires: Fri, 01 Dec 2023 08:09:46 GMT
cache-control: public, max-age=31536000
age: 183736
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/2ec0835f.modern.js
8.254.252.212 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/2ec0835f.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (2452), with no line terminators
Hash a459a847f703668ae65bccf0688d4425
91042e4ba34dadb89fa84556c6e597b852429285
544703d999d773746720ec3cc866ba87184e19f54de39b6b6b8e790145ec117a
GET /_nuxt/desktop/default/2ec0835f.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 1061
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-425"
expires: Sat, 03 Dec 2022 21:38:54 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48850
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=us
178.253.14.166 200 OK 1.7 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetTopGamesStatZip?lng=us
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (5350), with no line terminators
Hash 76c7e139ce790b0cab18aa982357702f
1b15355d31e71c2201cb2ae7ed60771d95f9b400
9f01698a438219ba3194ec4989f805fabcb5736f22231d69340879060fc0f5b5
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=us HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 1730
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=us
178.253.14.166 200 OK 620 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=us
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with very long lines (1242), with no line terminators
Hash bbea925b17b35e653ef1cc0f5b527cf6
6fe06b6af442db1173ef9651519481dcb4bc0c71
1b4fdf66dccb76a7d87c5039d828362b8f6de147bb7f41387daa991b373629ce
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/GetLiveExpressExtendedZip?lng=us HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 620
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=us
178.253.14.166 200 OK 665 B URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=us
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with very long lines (1445), with no line terminators
Hash daaa828b20cd9cecf528b606c96d779e
7106c7491cacbebcd676ac69bb9e03f26098686a
89f5e97e42902cfd77b39c66c24b4facc862c46d0beb2bd8819aea52c5145ab1
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=us HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 665
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
178.253.14.166 200 OK 88 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cb41a88ff43bbf14302fe7266a35d76d
4c0c7d1c22c7a6c4c661df8966d9154536fa4313
2de5c51dc3d129eb5567c2f67ea3afb49535ea570887202c1ab058570fec4270
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 88
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/domain-api/api/v1/domains/lite-1x36781678.top
178.253.14.166 200 OK 86 B URL HTTP/2 lite-1x36781678.top/domain-api/api/v1/domains/lite-1x36781678.top
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d6ce170df0fd95ce1ace683582698106
54337307d42777444d983f580ae04db2811b2c1c
bf25f0e6d9bc1fa43c30596d7292607f8bbf2222f38b9104106731b0a73b02ae
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x36781678.top HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/vnd.api+json
content-length: 86
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/WebGetTopChampsZip?lng=us&gr=285&country=137
178.253.14.166 200 OK 88 B URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/WebGetTopChampsZip?lng=us&gr=285&country=137
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash cb41a88ff43bbf14302fe7266a35d76d
4c0c7d1c22c7a6c4c661df8966d9154536fa4313
2de5c51dc3d129eb5567c2f67ea3afb49535ea570887202c1ab058570fec4270
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=us&gr=285&country=137 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 88
cache-control: no-cache
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/user/secure
178.253.14.166 200 OK 57 B URL HTTP/2 lite-1x36781678.top/web-api/user/secure
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 4834d7e13b89015314a33b7b2b0734f5
cda239c4c7e48598f163ebdda8fdbb29a596c216
2782bac7a78fac7b605873d935751b7f247adda6c708d9952f994b5022b34ac2
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/user/secure HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Origin: https://lite-1x36781678.top
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 57
server-timing: dt_285;dur=50
set-cookie: is_rtl=1; expires=Sun, 03-Dec-2023 11:12:03 GMT; Max-Age=31536000; path=/; HttpOnly
tzo=3; expires=Sun, 03-Dec-2023 11:12:03 GMT; Max-Age=31536000; path=/
disallow_sport=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; HttpOnly
fast_coupon=true; expires=Sat, 10-Dec-2022 11:12:03 GMT; Max-Age=604800; path=/
v3fr=1; expires=Tue, 06-Dec-2022 11:12:03 GMT; Max-Age=259200; path=/; HttpOnly; SameSite=lax
_glhf=1670083699; expires=Sat, 03-Dec-2022 12:12:03 GMT; Max-Age=3600; path=/
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
178.253.14.166 200 OK 9.6 kB URL HTTP/2 lite-1x36781678.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (45815), with no line terminators
Hash ede233fdf84d27d3965761b0a7c32773
51c6607291bed2cb73675d4d2685e387336788cf
5f23b5fcbad1845af7cc94f13953f359e62d41d3add97356a12c407f86526fff
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=us&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 9603
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&tz=3&mode=4&country=137&virtualSports=true
178.253.14.166 200 OK 5.1 kB URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&tz=3&mode=4&country=137&virtualSports=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (29814), with no line terminators
Hash 632b87bf2b9ebec0eae9dbecc0178154
30d0f81f983e41cc03b4fa03baf3666f7593d9af
a8688cda779c34ff1f41ec360cce929f4b752a54fa639c2dd8bf3760416a8a22
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/Get1x2_VZip?champs=1938952&count=100&lng=us&tz=3&mode=4&country=137&virtualSports=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 5140
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/6e3b5baa.modern.js
8.254.252.212 200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/6e3b5baa.modern.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (13517), with no line terminators
Hash 41f4f326e58b686799064710861612ab
1cb54821c1a9eedd935791e2dfd0a59d85446940
6886a6936273adfb2abffd62645021d187ffa9b9f1a6e6f268240fa9ca081a5b
GET /_nuxt/desktop/default/6e3b5baa.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 5364
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6841-14f4"
expires: Sat, 03 Dec 2022 21:38:10 GMT
last-modified: Fri, 02 Dec 2022 21:04:01 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48861
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/e84b596b.modern.js
8.254.252.212 200 OK 26 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/e84b596b.modern.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash d2cc4fc9aff3e5afe275cf510a5a6266
421759816514b190b77674acc654dfa097a05bff
84bc321ea174cfb371ac0ac32ab756f7add517af4266a322d7c8ccac31398505
GET /_nuxt/desktop/default/e84b596b.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/javascript; charset=utf-8
content-length: 26120
cache-control: max-age=86400
content-encoding: gzip
etag: "638a6842-6608"
expires: Sat, 03 Dec 2022 21:38:10 GMT
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 48861
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?count=20&lng=us&tz=3&mode=4&country=137&virtualSports=true
178.253.14.166 200 OK 9.6 kB URL HTTP/2 lite-1x36781678.top/service-api/LineFeed/Get1x2_VZip?count=20&lng=us&tz=3&mode=4&country=137&virtualSports=true
IP 178.253.14.166:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (48496), with no line terminators
Hash 7f1e560264b14dde462f6cc29540d324
7737b58b7f68bbc79d1288c74167db52ce39fc5b
b0272d0c980deb77922b7a7a19dba8f77c7e758be1d876d8fc48379ad7da73e0
Analyzer Verdict Alert quad9 Sinkholed
GET /service-api/LineFeed/Get1x2_VZip?count=20&lng=us&tz=3&mode=4&country=137&virtualSports=true HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 9552
cache-control: public,max-age=5
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/checker/redirect/stat/run/
178.253.14.166 200 OK 49 B URL HTTP/2 lite-1x36781678.top/checker/redirect/stat/run/
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/343.svg
8.254.252.212 200 OK 11 kB URL HTTP/2 v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/343.svg
IP 8.254.252.212:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (22224)
Hash ec2f953bc550d8559d5d3847c0ac61b5
02169e4bbc5964848d6f46ff239794e32db6e589
e2cae2e289d45b0ea140ae52bc05800717dfc7a0122a85d651bfd2eefd312373
GET /sfiles/games-images/ico-logo/white/desk/343.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: image/svg+xml
content-length: 10983
cache-control: max-age=86400
content-encoding: gzip
etag: W/"4fc440a1a3d8be975531b9e083d83b93"
expires: Sun, 04 Dec 2022 10:14:14 GMT
last-modified: Wed, 16 Nov 2022 15:19:43 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-meta-origin-date-iso8601: 2022-11-16T14:16:25.000Z
age: 3477
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_us_0.js
8.254.252.212 200 OK 3.5 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_us_0.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (12621), with no line terminators
Hash 70549a52167360ba4bb89c287f5f5264
af3e3c426fa8f70d472b9ea30d939d82c3ccf63f
b6da84b0e9f5eee980ba2e50cbe4f4a38499ba35738d4b8cf514d097d8eb7c60
GET /genfiles/cms/betstemplates/bets_model_short_us_0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: text/javascript
content-length: 3456
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"b707d91b97881a24d3622b36b6d6f1e2"
expires: Sat, 03 Dec 2022 11:12:17 GMT
last-modified: Thu, 01 Dec 2022 14:54:50 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 114
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
178.253.14.166 200 OK 3.8 kB URL HTTP/2 lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.166:0
File type JSON data\012- , ASCII text, with very long lines (25442), with no line terminators
Hash c826bad8a863085461c64bbf332f7478
443ab45c85f166b10f057d27f6781aeac5090882
ab218aa56d9718644a15b7d4324376e1e0a1d2f3409478e9d7eae889fc84076e
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=40, dt_285;dur=42
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_us_0.js
8.254.252.212 200 OK 4.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_us_0.js
IP 8.254.252.212:0
File type Unicode text, UTF-8 text, with very long lines (19914), with no line terminators
Hash 1886d0d175355186721ae5da936f9bcc
4c3dacc09a5f1a40097b079543d5a0195bd8c9d1
2ff6c20dd213bab3ab99fc6542f81097265a1e4855be5b7a20774c2e146c7625
GET /genfiles/cms/betstemplates/bets_model_full_us_0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: text/javascript
content-length: 4147
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"b772283d1854683f134be021905c7de6"
expires: Sat, 03 Dec 2022 11:10:57 GMT
last-modified: Thu, 01 Dec 2022 14:54:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 189
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_us_1.js
8.254.252.212 200 OK 2.6 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_us_1.js
IP 8.254.252.212:0
File type ASCII text, with very long lines (10098), with no line terminators
Hash 96c6d2a33eb4ae78ca1fc9f6d863b6cd
ef42c753c3e045f2288309c4af9ca9bf47812930
da07421eae9eca7d18e9bd3513d9851488faea057e25f6037e506b1efbc57603
GET /genfiles/cms/betstemplates/bets_model_short_us_1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: text/javascript
content-length: 2572
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"f9f18ba9c9be3c1a92f049dfd8271bda"
expires: Sat, 03 Dec 2022 11:09:03 GMT
last-modified: Thu, 01 Dec 2022 14:54:51 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 311
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3074.png
178.253.14.166 200 OK 22 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3074.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ea952f7d2ac4ca545859366f2e51304d
2c134ac905cf657298d25d13122b40803024b6b7
c55acf5e3008c2fc6b2233903c5ea838c168d9b39af8cad39e3c6cb4d00506be
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3074.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png
content-length: 22335
x-amz-id-2: Lslwh/36XVtwWoCwzi7Xq6lgPPCkj09HwWBUIaoRBMQdJGEg42qi2OWnHutSomj1eBy6SjRHu4QPd9gSpjNT9A==
x-amz-request-id: YXB59GEAG9GQCXAM
last-modified: Tue, 13 Aug 2019 15:04:07 GMT
etag: "ea952f7d2ac4ca545859366f2e51304d"
x-amz-version-id: ANgk5uP2VeKVSl2ETj34dRyJkhdBssju
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/18bdb7cf31dc97ec01919e73d63c83dc.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/18bdb7cf31dc97ec01919e73d63c83dc.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 18bdb7cf31dc97ec01919e73d63c83dc
1c522336801f89b2a46a620195ac28d1bd7c8893
e52cb71da43dba15a800dd905d7ac1536c3e3ceea797b37aac3789bf18e65194
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/18bdb7cf31dc97ec01919e73d63c83dc.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png, image/jpeg
content-length: 10657
x-amz-id-2: VaLvngppwCNofue6/Ky4r6ybcDe8dHHA1lvepPfPClyka9PNxpL5evRnKvBubLSb3Xt1ERb+AgOZaMGPG3T+7g==
x-amz-request-id: YXB5K6JJGP57RGDF
last-modified: Wed, 23 Oct 2019 11:07:21 GMT
etag: "18bdb7cf31dc97ec01919e73d63c83dc"
x-amz-version-id: F01EHzH2kOjXdcAMa5_XDO8YYaJ18gfZ
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/17e2f60d8f51741ebe29ecb972e56c77.png
178.253.14.166 200 OK 7.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/17e2f60d8f51741ebe29ecb972e56c77.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit colormap, non-interlaced\012- data
Hash 6a8a19a155e186f3f1565dbaea85ed7a
6246d6f3ca1f2cec2b25b15b6692b3b2393e0623
3cea2123a177dfe379fb84efe2af592cf885ad5c8631c378a21370c1a0577785
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/17e2f60d8f51741ebe29ecb972e56c77.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png
content-length: 7148
x-amz-id-2: Na4MllqUvkpP2FUOXTsHIgpgugpHxzlpm7j/Ty3VYWd+Nc24HD1uWeR00G+jtbeuy6hJA3aZ6FJloNYKOnEJZQ==
x-amz-request-id: 0RC27DD4B88WXZ92
last-modified: Thu, 23 Jul 2020 15:46:42 GMT
etag: "6a8a19a155e186f3f1565dbaea85ed7a"
x-amz-version-id: SLY1vsWcCq4Fd7gE87tZtG1eMIIoZDM6
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/ace5ff4c3c2675941577b37b548dd091.png
178.253.14.166 200 OK 3.4 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/ace5ff4c3c2675941577b37b548dd091.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b474c02567f0feb10da3ff526332aa8b
be1ffea30ac4853882156dabbd57be21703f2c02
5fd9c928d1922477e5aff6d5a3607f64e6f8a08e102717c6deab2f8d74a36e16
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/ace5ff4c3c2675941577b37b548dd091.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png
content-length: 3435
x-amz-id-2: RyOEJktqjgSViks/thIBSG+Hhj3ai9S1dk4ayv7FX6VERrltHUxOQjj12wY8WzhS3J1m3/AqUMPLJ/L2IAB6Qg==
x-amz-request-id: 0RC4M1J1NQ6KNJ70
last-modified: Thu, 23 Jul 2020 15:40:47 GMT
etag: "b474c02567f0feb10da3ff526332aa8b"
x-amz-version-id: HIIeu12aOuCxICUF6KeRx9fHX6GkE4iC
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/ce143f8249da38e5c3f6c024c72a427f.png
178.253.14.166 200 OK 8.3 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/ce143f8249da38e5c3f6c024c72a427f.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 11c4d770d56734b3c66fe38f1ac0b5fe
2bc7421484fd868fad592e00fc4cb220f5279537
b5e7cb4ad32c1b45ee5875854a3c0a6489893aa44276ec44fb8fd2088203a9c0
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/ce143f8249da38e5c3f6c024c72a427f.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png
content-length: 8333
x-amz-id-2: NyBZPlawKyzzY95oJFX8NSASkv+bN7U7d9Qx77RNGClKpNY2s81B6LqzeSWUPG3gNyWeQpKB4neOGJs3K4l94A==
x-amz-request-id: EKWNC4MK1NTTCN2N
last-modified: Fri, 02 Dec 2022 06:38:45 GMT
etag: "11c4d770d56734b3c66fe38f1ac0b5fe"
x-amz-version-id: gUTs2TO2_Cx_YSij_bp01BsrAnIaqYLr
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/232105.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/232105.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a8dd044c3bd6ef6bec40c298a440cf1a
042fbfeaac46bd19dd78234c357b8aa69a7e80b4
4f06898264be8339f94a9206269892f356d02e0851385980d55fc15f282aee2d
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/232105.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: image/png
content-length: 10886
x-amz-id-2: RvETyxJuM5LIzI3r53Cjqww81uMXr+ezYYGxx/ocOKqcBBkYBHmPwJgoLM8z/p35AeuBv6BlQErgmANqUR9LMA==
x-amz-request-id: EKWN2SVCAA1SJ9HF
last-modified: Tue, 13 Aug 2019 14:59:55 GMT
etag: "a8dd044c3bd6ef6bec40c298a440cf1a"
x-amz-version-id: LvBowkfuKnZ9FbSNAdW7af.v2_ygUKQ.
expires: Sun, 04 Dec 2022 11:12:04 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 388c91a58c606964ca6323aa9917dd36
b660a689686ad234215b51e98605294e87257e2c
a5e5d71fc0fab23ed4020cddb500e5b950cb4a4b84faa27c2807694f87b29d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=90649
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:12:04 GMT
Etag: "6389d96b-117"
Expires: Sun, 04 Dec 2022 12:22:53 GMT
Last-Modified: Fri, 02 Dec 2022 10:54:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 388c91a58c606964ca6323aa9917dd36
b660a689686ad234215b51e98605294e87257e2c
a5e5d71fc0fab23ed4020cddb500e5b950cb4a4b84faa27c2807694f87b29d6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5298
Cache-Control: max-age=90649
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 11:12:04 GMT
Etag: "6389d96b-117"
Expires: Sun, 04 Dec 2022 12:22:53 GMT
Last-Modified: Fri, 02 Dec 2022 10:54:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
www.google-analytics.com/analytics.js
142.250.74.110 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sat, 03 Dec 2022 10:41:08 GMT
expires: Sat, 03 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 1856
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dbee75c6c314655f738b57b828bef016
bb36d39c7adf764e8a7dcf7f91125001623975b4
fd40949b9711db01be746d1723f78c2bb04d356063c6249b8b5ae1470532367a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57219d7e-330b-4d3f-a472-55cd262c7dc1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10877
x-amzn-requestid: bebc4f7f-7349-4973-99f5-d6c3b8a27072
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ciZN1G2uIAMFryg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638a6f25-0637a1a946db78074bc19dc3;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 21:33:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WKEeqfEv-NjZr_39K27vuE9FrqYcJCI5oQk0_JIl_HuO3iA0f57_vw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 21:49:27 GMT
etag: "bb36d39c7adf764e8a7dcf7f91125001623975b4"
content-type: image/jpeg
age: 48158
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/b0a5d563b77dbb686e1fd1aff9030aff.png
178.253.14.166 200 OK 22 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/b0a5d563b77dbb686e1fd1aff9030aff.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d72065c83cd2623af5b30f801090cf03
af1c9b0b1777667511a7cb8b22173116a1a66b54
6a8cfe5133b961871fa088ffc93006f26f115c043f9a5bf43dc8ea8cb4132432
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/b0a5d563b77dbb686e1fd1aff9030aff.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 22419
x-amz-id-2: gsOSVBcMEwc3WH2gI4rLvxEm1BOx5Q4VUc6edPdMHBtSVjZ9bJ6ccyuDE4h2fuphqu7dEF9LOAiPgHUoHJC56g==
x-amz-request-id: 4SE3QMD2FYAAJV3T
last-modified: Sat, 11 Sep 2021 08:01:16 GMT
etag: "d72065c83cd2623af5b30f801090cf03"
x-amz-version-id: WQ9OJK.L2YcMkFou3uTVzlaKbSxZuhZR
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/12107.png
178.253.14.166 200 OK 18 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/12107.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 16e7e44b22bbe4f3df419d7a3cae3b39
40e03c57fe2751e26ae7ba756b60a7d3834d1371
7dc5029579d5687438f3d609296fde8dc80edefa35c71eb2ca93396f681fb12e
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/12107.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 17570
x-amz-id-2: f6p4kDOdNt+fK4BArc+QRa5XyRRWHQPdY1yvpqRz+jnqyvHBZP5FAi0t0Bpb9MY2RS7jmytkwhWyOlOFfiIo0g==
x-amz-request-id: 4SE6JZ498N7DQDSZ
last-modified: Tue, 13 Aug 2019 14:52:22 GMT
etag: "16e7e44b22bbe4f3df419d7a3cae3b39"
x-amz-version-id: BH2_Qk7l3J1l7JWibnUk7z299Iai6pnI
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/31741.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/31741.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 1985fa7f0be6a132ab49fd1c352492ae
9294a17f087c1d31c7197cdedb2115bb205681bb
a2a68cf36fdf7ecc2adfe231c2d5f64dd63e30f3968c884c10d46fc83dab34c9
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/31741.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 10642
x-amz-id-2: /VQl6JlpnzF2wMInttqf+clIiOR5yr99EBe0VQiYVkptSDjbsg6sHqemOxJ1wL0MIiWbn2ZoQ4ftu/Laj7zsjA==
x-amz-request-id: 4SE7RRZN67RZ9D8H
last-modified: Tue, 13 Aug 2019 15:04:15 GMT
etag: "1985fa7f0be6a132ab49fd1c352492ae"
x-amz-version-id: cAJjcQ0Hf5vbIkQyPhKUYX6hOIxYMrA7
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/39063.png
178.253.14.166 200 OK 10 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/39063.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 769fe449be505a13e5645d73b1d34abf
81c3999caa35bbe6c768ce9450f8867423b2e8cc
3d654518bcadf49fb932efcdba5e20edb3c1c3f5728af762eec7441863dac673
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/39063.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 10204
x-amz-id-2: 1Wlitt7iu8yZCa6n1HN3bRQo0Lv5SmYospS3Z6ZUuxf07BVOGIN5vRgSrjrWVKJugSzG/nlaHkZeZ7OuuTsXUQ==
x-amz-request-id: 4SE72YJ91ASPX5G5
last-modified: Tue, 13 Aug 2019 15:05:37 GMT
etag: "769fe449be505a13e5645d73b1d34abf"
x-amz-version-id: 6zpaPZ22Ya8oUgjP5ZrPIuZOV7MiN7j.
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/226829.png
178.253.14.166 200 OK 7.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/226829.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ca74dd97ceb8badd6360943917e66caf
9e8ba2f2d59c2a75b4f040c3b4fb5c3d99c89ad0
c4a802802cf38dfa9a92929a7502d13ac4dd30948f96bec4169b4251f3d06b7e
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/226829.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 7869
x-amz-id-2: 9eK5j7wyN23YU4jr/wmsWJVdxi6gu6dSdWipjllBIPb6COctRJ3jx44qAfUZzFMLHEBLkd9pJFHCw4fiVmio6A==
x-amz-request-id: 4SEBH5GM9KKK35AJ
last-modified: Tue, 13 Aug 2019 14:59:38 GMT
etag: "ca74dd97ceb8badd6360943917e66caf"
x-amz-version-id: LeyqacwCreEJXgbuglDRxUDZjpd_nFN7
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5028.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5028.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4c2d715fa2f7e799051768613d1e7c34
76d16c87f807f23ce1da1a7c367043e8431f1146
e2f366d81b19c87fe426fbe51b3e298297b5c7321a8d01a89c524a09c33e6b56
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5028.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 10907
x-amz-id-2: 9wYtIHH3P9rbTIS+5HGaQb5WmaxFacIAC/NtehNmT4TUxbZjBBWtcFpmJqwX7U5gBrOMk1BLEGUzca5XuIhXFA==
x-amz-request-id: 4SE8HCN7NX3A0YNF
last-modified: Tue, 13 Aug 2019 15:07:44 GMT
etag: "4c2d715fa2f7e799051768613d1e7c34"
x-amz-version-id: c7jbCyiKmh2qWfH3PUOjZ_YtnNIO32M7
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/41647.png
178.253.14.166 200 OK 7.7 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/41647.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 735f5e2220fd74ee10be3162c41c568f
995d30511d5d68e9d44c89a346bde550e2065646
099346ec01d1cba8c63c057fafaca20e8cd15d43d795254298a308e6135b2845
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/41647.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 7661
x-amz-id-2: O7LQFBKnmde+oL4kCgnkxpzGUvik70LzDPWrsMK+3jmI3MjVbEjF9XG8szs/Whky5Yhyy9VZLkl3W/PnbJLnEg==
x-amz-request-id: 4SE8P5XNYJSCRJCN
last-modified: Tue, 13 Aug 2019 15:06:06 GMT
etag: "735f5e2220fd74ee10be3162c41c568f"
x-amz-version-id: emgzQwg2QRctyik.7p_RkVIC3reDGrNb
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/42201.png
178.253.14.166 200 OK 17 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/42201.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e404ecd971d6c3612d9b45526db5c702
8d69fec020f2a6d017216f5f38b71a801294f6ed
47aa85e3071f66a2594700e7f1290dedd8dd1db1d5ac3b976b9dc5917579c679
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/42201.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 16906
x-amz-id-2: A7dhtk/rNAL1rkwjHQ+WIu9r/waxznjPEnEftK+ymDz4ewlYuZ2gme0rpkDMc2rAfSdWvXv9ckPMLkl3tqOKCA==
x-amz-request-id: 4SE40W6QQCRS6B3Y
last-modified: Tue, 13 Aug 2019 15:06:11 GMT
etag: "e404ecd971d6c3612d9b45526db5c702"
x-amz-version-id: WMviG.HXaMLWRd9D5Ey9gsLOAymjf6Tz
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/17141.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/17141.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash bad8fc8d15997699d3e5bf548e76d4fb
ea92f4e78c9fa05cca3ec4f530969f90251a912c
fe241c44281a549d1cca55b63a818a70aae1fb2e9c604145d6a78debfeead294
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/17141.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 12898
x-amz-id-2: Ea4Say4ysDxAm/ZlfAymBpGlpzd7KujE8EEPgJXP2+bFEJyWnf13DAPCEttMF9mvNbUwZ3HwdV3bSoXi51aRbg==
x-amz-request-id: YG6Y8BN22GMSFBKQ
last-modified: Tue, 13 Aug 2019 14:55:40 GMT
etag: "bad8fc8d15997699d3e5bf548e76d4fb"
x-amz-version-id: lX5KJsfE22_yCLMoqrt6kgK2BT9NodAx
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/29367.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/29367.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 719be5302eae4e4cf638e67c18e837c5
424b576c091d0176ee3ef8d2b1dd8ca30f46cb9e
8bcd4bd7b0b9aabb5f83d9cc947203aa29d8e368c7d8a08e6047d748dcd4c989
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/29367.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 11403
x-amz-id-2: OcPmrwzT8akdpO+pwQ0y9p/mHZPlQyO9KvnVtJiGuRtbiJElteqSAhRhMhcj1PncdOWb696MUeKzsDKYhmVRpA==
x-amz-request-id: YG6RHD14N6TSWTBB
last-modified: Tue, 13 Aug 2019 15:03:52 GMT
etag: "719be5302eae4e4cf638e67c18e837c5"
x-amz-version-id: Qek4OFM2_RthaGxvw.iY22EpSIj8jfG0
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/b2e76abdcd12ca7fb1ced0e568a680d7.png
178.253.14.166 200 OK 7.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/b2e76abdcd12ca7fb1ced0e568a680d7.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash a3bf5f699a3396c407aba0fd3d292f3c
b0b70a7e67df77d2657cc8bb41ed35b16e63b3eb
56fa9f9ff8b59cd244c20d6bd87588da1a794d0afc6c0716056813ad8527cb08
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/b2e76abdcd12ca7fb1ced0e568a680d7.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 7119
x-amz-id-2: XHAm5DlOw1PiPMBC6eaSaWRs+7AhMAkmJq2OJEnKYRJ82xplT+I8Y6NJv2nyUGfMRQ0nXk4NyHJVxTsWCyxMOQ==
x-amz-request-id: YG6PB0ZWTZVZ733E
last-modified: Fri, 20 May 2022 11:27:56 GMT
etag: "a3bf5f699a3396c407aba0fd3d292f3c"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5062.png
178.253.14.166 200 OK 7.2 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5062.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d4a29e6596323de89addb3047b15e39
9a5e4518cad51a99bec6d2ae4d07a2167aab6ed6
3bab558817de83658a54ded5923b235e0eeafc5bc91a00beb2746bcfd411471a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5062.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 7230
x-amz-id-2: t5M9znqN4g8q+qQbHwFCBZBBq7sYSlFbGdwDRK4XsGqlv+Z8yA+P4IMFseFUCgILfov7Kr9XZHu/UYpDSzBeZg==
x-amz-request-id: 3PKHRH19JAMMGM7A
last-modified: Tue, 13 Aug 2019 15:07:48 GMT
etag: "9d4a29e6596323de89addb3047b15e39"
x-amz-version-id: jpQSRXG5JuQSH2Uy_2x6RNC25OvbceFo
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/79c534fc553b1eae228219e1a00caee6.png
178.253.14.166 200 OK 30 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/79c534fc553b1eae228219e1a00caee6.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6db36bb10bdb9f8b7ea393917b268d41
d03276cb4535c403d01aaab56cd3303bbacc2180
868f2802ebccfa66181a5e12c50098736834121295b564c36ddae16a0bc848ed
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/79c534fc553b1eae228219e1a00caee6.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png, image/jpeg
content-length: 29684
x-amz-id-2: WXDhdHsegEQ5ZtdrekMwnJwSpjFTQfMlOwg90la9v45Q1LWCIotj/Nu5EMzHvM7qMBoMmFjCEKZAHtI4BWYMmw==
x-amz-request-id: 3PKXRNRA5TDD367H
last-modified: Fri, 10 Jan 2020 20:02:28 GMT
etag: "6db36bb10bdb9f8b7ea393917b268d41"
x-amz-version-id: UsHbAvok.7Ik3HG.IlCZx23uYuusdk32
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5026.png
178.253.14.166 200 OK 7.6 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5026.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c7cd4ecc5a13fd132de5402c792d38c1
dbb6538b2d06f614b04fc6489e8ebf934ed243f2
348257f9387608892fa584457cb12c845a1a58e09126086730bfc8dda6517d67
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5026.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 7633
x-amz-id-2: BZR8cSjyvaPZhP8aHHcnm3hhvvxNxFKkewmVBDhxzlYqhvGoZp17ZcFeejhUmEFv7wcQgBlj5sCHYfiNdB3U4A==
x-amz-request-id: 59NVGV6D7668NPN5
last-modified: Tue, 13 Aug 2019 15:07:43 GMT
etag: "c7cd4ecc5a13fd132de5402c792d38c1"
x-amz-version-id: emblJXTmpXsvqrUELIEo3CmdcSblSj6t
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/5080.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/5080.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c8487f645a30a97361a6a1ee01b4286
cb8e43c627a17692bd96361c20c2da794b7d7b70
c07f0126e8b84ac6fd3886367f725b073830f378a8d8a8c45b8e4e732a679d64
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/5080.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 13566
x-amz-id-2: mtkv85Mv/ZbMkTAuvz3dUV7Q2QLGQvzQNreo+Gj8+BDE4BRRXTfoZXOXzezj3L0IvijIsL/rmgFvqNU9+q0a7Q==
x-amz-request-id: 59NQ35XPMCNMAVPY
last-modified: Tue, 13 Aug 2019 15:07:50 GMT
etag: "6c8487f645a30a97361a6a1ee01b4286"
x-amz-version-id: NWxLr.XayL5LD5Lr_Is5KnhbQKZlTuRK
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/502049.png
178.253.14.166 200 OK 5.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/502049.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cf48b86af71bf1d067deadb5460227e4
b56645cc2f56ce6b41f77d7fb964af6d90c7f9f5
2c6e209729cdcf3066fee221fca26e4e6de7abf524180c63235e532ff3abb5e9
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/502049.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 5933
x-amz-id-2: x8X0/3JYQYJI0eC6fRm3xMqLIOrpvKGnBNrwYmGt3eeKMcpg2ldVbBbTGQnAe00RXSZMdRCL5dVNpYsGQfS3YQ==
x-amz-request-id: 59NPBJK4JTKHCX7B
last-modified: Tue, 13 Aug 2019 15:07:43 GMT
etag: "cf48b86af71bf1d067deadb5460227e4"
x-amz-version-id: oY7Qz9yKoXM6XTwSPL7CWGsRHwY0W0qQ
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/116481.png
178.253.14.166 200 OK 22 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/116481.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d2d3b5972c2359a2747645c571641219
b6f902a0fa4d39cd11e462378cf1fcc07ba6d00c
831830b707f84410684eda92892bec990adb54b498464f9c366f3aa89844a93a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/116481.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:05 GMT
content-type: image/png
content-length: 22164
x-amz-id-2: EhO+6E2x2ia/0UNHxRhvSMQGvAem+URRY3vRYTEHnhn8Fpigg5FjDYgs4L3ygVQwWQ8Tp0A4Yr1u/6/1+SQuXw==
x-amz-request-id: 59NH6KF0R2NXCG6C
last-modified: Tue, 13 Aug 2019 14:52:06 GMT
etag: "d2d3b5972c2359a2747645c571641219"
x-amz-version-id: kYWOFtBv0V7ptDrsL9n8vEBStEAfBpor
expires: Sun, 04 Dec 2022 11:12:05 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png
178.253.14.166 200 OK 6.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 4a3ab226cdea87c8cabfaec0edc77c8d
423c93b17627c3b62a32a6eb319d70d014380276
dabef6a121cb35c8a44f988711cd352969072941c1385f80c72a3e5147cdd53a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/72e0fd71efa06231900f7a18d42fc5b1.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 6114
x-amz-id-2: rXAdXsGEQer5cFG/rA5R4WfOu1MV7KZyERTvuK3BPz14ielC0U2vteZRFY+4OP7pFdDygvTj1bWhHxXO799P4Q==
x-amz-request-id: M6AX3PE6BVW21K3K
last-modified: Tue, 29 Nov 2022 09:51:43 GMT
etag: "4a3ab226cdea87c8cabfaec0edc77c8d"
x-amz-version-id: YZFiEWKkMA_IPU4paRKek30cMLUlGTbN
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3590.png
178.253.14.166 200 OK 13 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3590.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e9ef1c40db5ff4bdfe5a89c9d5891ff5
de4f6c44696c5175e142e6d1fb3a36d5b662bf56
df284d9049bbf787cf59dd501077c3d853bcd0257267952640c5e6e0599ddcec
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3590.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 12871
x-amz-id-2: VKg7/H6gXxLYOuouWy92Ck2LVVVoWMQna1KU2vPjjmzBVHTMfB3VOb/wgk7IwuxkBXXzy3e/5I+pd1YDJSzbRw==
x-amz-request-id: M6AHMYEGMNXYKHVK
last-modified: Tue, 13 Aug 2019 15:05:04 GMT
etag: "e9ef1c40db5ff4bdfe5a89c9d5891ff5"
x-amz-version-id: 9biseEguzoID0rCEFG3QWbnnQuKgiTQs
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/3546.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/3546.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash bfa384380676326533085e6284d3daf7
7782a30c5e380c283300eb634147c3056e4303fa
3e64abafa2f1247b6ed38cfb91414255c64d9d71d7e18b5667a6255958677ac2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/3546.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 16089
x-amz-id-2: b97U3Ev6rHpnKQbiYnPMdqlOlz9GysKCM1zpRrAO7+lWv3IvXFcmpkZvI1McXoz5TcT4Zw3BTZSLCheKKVrZxQ==
x-amz-request-id: G99KRNHJAMBS2TBR
last-modified: Tue, 13 Aug 2019 15:04:59 GMT
etag: "bfa384380676326533085e6284d3daf7"
x-amz-version-id: yET8b28KXar6KSntfureaLdvE46L8yB0
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png
178.253.14.166 200 OK 6.8 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash cacdab3a27eb1a7fd7d7ef873ae5e00b
33dd52d0fe70e248b570c49e2800ae8d058ce98a
e5bd1a57f0f178c6ff0a5cdb139823148183ad5157c763b77dff0bc58e9800d2
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/cacdab3a27eb1a7fd7d7ef873ae5e00b.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png, image/jpeg
content-length: 6810
x-amz-id-2: 4R+LE8NfxicVdlLS6ujx/vVz1olM/r3rGgqMkHn91HMVAnjLKd8f6aFGZRJpBCOmexJLs7+sBHwmOkePZrudbA==
x-amz-request-id: G99MBB386XR2CBT7
last-modified: Sun, 03 Nov 2019 07:38:01 GMT
etag: "cacdab3a27eb1a7fd7d7ef873ae5e00b"
x-amz-version-id: U7x_2.J63wQifvuz0mYRXnd6rYy1G0Oq
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png
178.253.14.166 200 OK 19 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 9daf8b58d38593afa8f0d1956f5f8b3d
c9a27c3c80c611a3e51964ae104db70602f2c608
d7e4042b1e80a2c83c4d71eaba92918821b514511356eb608bd6e2af8e0d61ff
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 18874
x-amz-id-2: /WYt+ifILHTn4a7TIYlMM96nBIekB+87f/su4Zizb7DcppgJWNY5Mi1tEAXRIQwiEfpyHo0CJnrYV2krFaqz9g==
x-amz-request-id: G99GNB01NT343A0S
last-modified: Thu, 26 Aug 2021 08:40:25 GMT
etag: "9daf8b58d38593afa8f0d1956f5f8b3d"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8514.png
178.253.14.166 200 OK 8.1 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8514.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 0a92e01990179fe6803936d9ef572146
4a87082ccd2bfc021ef69b903eef88abe5c8a26a
54aa0d41eb6a01b1bada4d1b7c8bf18e94936e3813d319c70c64e8891affbc37
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8514.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 8093
x-amz-id-2: XGAvt48K816Ti/3/V50ruExeUjFRQEHeLNY+89pstVcy48ac+EvudHs5nMQlfiauzDiF0Uv9LVmsXjlNcaoVVg==
x-amz-request-id: HKRPEZ3DPWJWTKFS
last-modified: Tue, 13 Aug 2019 15:12:05 GMT
etag: "0a92e01990179fe6803936d9ef572146"
x-amz-version-id: CRBSYoyCP.ii6DHBmT1KA8f.zoIoyM2N
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/8518.png
178.253.14.166 200 OK 6.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/8518.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e0502a079111a4b09f3105e8f0bf0442
672b2ea2ce2017c625b4f0a124344a01bdf45ed2
51e60907053fcae64ae693591cf331911d3b5c79abfafa371594deebbff23022
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/8518.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 6863
x-amz-id-2: cF/l91krGyICUKL1bFG4pla5nB3Z+w8m/WtyxoNYtj7WsOmbYAjkHFkzX8QGXwNDVyhvF8TF2xSfN3vGTUtOkw==
x-amz-request-id: HKRHXJ3TJ2YZD52W
last-modified: Tue, 13 Aug 2019 15:12:05 GMT
etag: "e0502a079111a4b09f3105e8f0bf0442"
x-amz-version-id: lK6r6WTdtu056qL3R8KsQ2JTLRqEDCC_
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png
178.253.14.166 200 OK 11 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png
IP 178.253.14.166:0
File type PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced\012- data
Hash 9adffbc80a8d207de772719c1fd5c56d
15040286d90d2f6aa7781b2e21ba860aa88752e9
a9e1ff151cd68dd773872cd25c8497850247cedee9bd91f3c172fe5415bd1f82
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo-champ/9adffbc80a8d207de772719c1fd5c56d.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png, image/jpeg
content-length: 10864
x-amz-id-2: 93JRIQezQia5Xcvcc60diHhMumjbnNqsZhCblt2PRKKMDim8XAVJYXr6uVXfMYZ8X+2Cx/vMnBVZ4BOgrvGrdA==
x-amz-request-id: G99PSD7MEM8CGE1J
last-modified: Mon, 07 Oct 2019 07:09:56 GMT
etag: "9adffbc80a8d207de772719c1fd5c56d"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6850.png
178.253.14.166 200 OK 15 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6850.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d53de6b55255baa381574e190da823e7
f43a96efb64ee4611cad70cfbd65f6fc15a09047
0162552197989ead11601dc5205a421e05de19474a21705a2871331b99db4be1
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6850.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 14620
x-amz-id-2: rKjSNXGKOgbMIp93VDchyCyQVGRjsPMPdufgeFrw89ULg3iIlQCTVGylccI9SXGaKcqie5VUhI+aOlb7qq6/2Q==
x-amz-request-id: G99N9J91DPJMF7D9
last-modified: Tue, 13 Aug 2019 15:10:21 GMT
etag: "d53de6b55255baa381574e190da823e7"
x-amz-version-id: bHzB0rmPfYRMKCwlQF10UX5VCk7ldo6J
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6900.png
178.253.14.166 200 OK 14 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6900.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash ee083ae525cfe5b27ef66189306a13e0
f0236b568b70fe43ca360fc21cfd553a89692684
eb496d5e7135a09dcd3d0443082ff51c00f6eb31df45522d7e0c8070b7a2c42e
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6900.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 14213
x-amz-id-2: GW7wYF83bllo9m3hHI1MMRIAz1eUUUWsIGFWGy5JzUCFVjAkVdUb06X1OudQ1i5Y3CNip1zCmtO/RmW2B1Dwtg==
x-amz-request-id: G99RS41TRGRCYRRJ
last-modified: Tue, 13 Aug 2019 15:10:25 GMT
etag: "ee083ae525cfe5b27ef66189306a13e0"
x-amz-version-id: UJ9fHxG8xLLdZ3WlYgnjAhZOt6WvPG6X
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.png
178.253.14.166 200 OK 16 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash e20b46033ead3200429130555ca95f3f
22cfb79982b2708e9806426574ff52031c343c77
abafd011bf0d132d0623d19f0f800a4a0e53487ffed3d39ae07482f08a7fe765
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/fad63d98dbd2f6d48b2f66940a47167f.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 16504
x-amz-id-2: TTRBz3jEUss8DVoAyrMjX4DYTwUQGAa3SDbiArVswpsVQXSMM9+zzU7ngqZWorMra6H0y2nmuxgDhxAfX9UnMg==
x-amz-request-id: G99WTAY0TW358313
last-modified: Tue, 26 Jan 2021 23:24:09 GMT
etag: "e20b46033ead3200429130555ca95f3f"
x-amz-version-id: TOd1wr.tIYZEEXiPP.yv1FxJmq_g2T0i
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6896.png
178.253.14.166 200 OK 6.9 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6896.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash d4c46a89fb287b2f0a361d105b6bcf89
681a2b1bf575c1e3a3c07c35698e72c0213cc6b5
146044c3df755d86704829deb02fa57f45a825bd2edf4d9f48ce51a5deb04f6a
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6896.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 6914
x-amz-id-2: CI4Nkv9s+o4ZRvgGKfnQKf3PdDK8J15gwpGnuS+fzrzPBisLyLWx1QIvEke2w4j9kyvbO7GIezLv2QF+3jk7Yw==
x-amz-request-id: G99SQ8W11GPDQQAB
last-modified: Tue, 13 Aug 2019 15:10:24 GMT
etag: "d4c46a89fb287b2f0a361d105b6bcf89"
x-amz-version-id: h6y8zngLe85qevoIBayEqSaWlq7PuJuk
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/95487b44065316a9e6bb8f53d57a9010.png
178.253.14.166 200 OK 31 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/95487b44065316a9e6bb8f53d57a9010.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 95487b44065316a9e6bb8f53d57a9010
c6903c44c775ffe8e5fb79b68a1a6e79d6404219
b32639903e46c36f6b1a3fd13eee1ba4798fa7bb3ed3c203c160f2d966f01b98
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/95487b44065316a9e6bb8f53d57a9010.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png, image/jpeg
content-length: 31016
x-amz-id-2: y2N/CF3/dxEhTUsY2DyhWW0n85CnIbXq/GTwfQOhlPHm+AFtlHBM+BLqb0PNqWrr87iSP6xMkEc8mRlQA43r6A==
x-amz-request-id: G99NYEB47G2HKD4P
last-modified: Fri, 22 Nov 2019 06:36:37 GMT
etag: "95487b44065316a9e6bb8f53d57a9010"
x-amz-version-id: fHk4mA7uisD3mJ2OPx3Xx0VOpOm1A_eU
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x36781678.top/sfiles/logo_teams/6866.png
178.253.14.166 200 OK 12 kB URL HTTP/2 lite-1x36781678.top/sfiles/logo_teams/6866.png
IP 178.253.14.166:0
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash b9138b96dc424fe13e1f9f802f1b42d1
762e9bf77880a322585950abd7997a126d7971b2
8c009eed8d85b92e0a03d40efea40bd8f2580fad48e7293d442745e1e0a89724
Analyzer Verdict Alert quad9 Sinkholed
GET /sfiles/logo_teams/6866.png HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280; is_rtl=1; tzo=3; fast_coupon=true; v3fr=1; _glhf=1670083699; che_g=c2d313bf-4b12-8997-e1f8-87f8904bcf9f; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:06 GMT
content-type: image/png
content-length: 12418
x-amz-id-2: ADVnTmA44IqGqymfEVqBOyBzEmZKD4Bnk0BJ6pkibC+zHeztiK4piNV10WIQHd9Th7HKPtHl4M3ZPmIBU1bliQ==
x-amz-request-id: G99TDEZYZCQRR2D7
last-modified: Tue, 13 Aug 2019 15:10:22 GMT
etag: "b9138b96dc424fe13e1f9f802f1b42d1"
x-amz-version-id: OlY7TCvrP8JQPzD8B6iXk58VMeu1t.9V
expires: Sun, 04 Dec 2022 11:12:06 GMT
cache-control: max-age=86400, public,max-age=120,s-maxage=600
accept-ranges: bytes
X-Firefox-Spdy: h2
refpaydc.top/L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
45.135.120.169 303 See Other 0 B URL HTTP/2 refpaydc.top/L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
IP 45.135.120.169:0
GET /L?tag=d_42282m_22583c_[]MS[]null[]null[]general[]_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3 HTTP/1.1
Host: refpaydc.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://luckyforbet.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 303 See Other
server: nginx
date: Sat, 03 Dec 2022 11:11:56 GMT
cache-control: private
location: https://1x-xredbet002400.top:443/?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyforbet.com/
Connection: keep-alive
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:11:58 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=1321;desc="Nuxt Server Time", dt_285;dur=1426
set-cookie: SESSION=af027fb3e4230dbd96136cfdb01015fb; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Wed, 01 Feb 2023 11:11:57 GMT
reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; Path=/; Expires=Sat, 03 Dec 2022 12:11:57 GMT
postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; Path=/; Expires=Mon, 02 Jan 2023 11:11:57 GMT
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=30, dt_285;dur=32
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/sports-200061.svg
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/_nuxt/Desktop/Default/svg-sprites/sports-200061.svg
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/Desktop/Default/svg-sprites/sports-200061.svg HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Fri, 02 Dec 2022 21:04:02 GMT
etag: W/"638a6842-52ce3"
expires: Sun, 04 Dec 2022 10:08:09 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
suphelper.com/widget/injector.js
104.16.43.72 200 OK 0 B URL HTTP/2 suphelper.com/widget/injector.js
IP 104.16.43.72:0
GET /widget/injector.js HTTP/1.1
Host: suphelper.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x36781678.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 03 Dec 2022 11:12:04 GMT
content-type: application/javascript; charset=UTF-8
x-dns-prefetch-control: off
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'strict-dynamic' 'nonce-e69da972-5c83-4067-8339-90d3f52d256e' https://www.googletagmanager.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com; img-src 'self' https: data:; font-src 'self' https://fonts.gstatic.com data:; connect-src 'self' ws://localhost:8085 https://www.google-analytics.com https://www.googletagmanager.com https://stats.g.doubleclick.net https://mc.yandex.ru https://api.github.com http://192.168.208.23:11999 https://suphelper.com wss://suphelper.com *.suphelper.com https://suphelper.ru wss://suphelper.ru *.suphelper.ru https://cons.insystem.su wss://cons.insystem.su *.cons.insystem.su wss://chat.insystem.su https://chat.insystem.su *.chat.insystem.su; frame-src 'self' https://www.google.com https://www.google.com/recaptcha/; report-uri /widget/api/report-csp/
cache-control: public, max-age=300
last-modified: Fri, 02 Dec 2022 12:57:18 GMT
etag: W/"28e6c-184d2e9a3b0"
vary: Accept-Encoding
cf-cache-status: HIT
age: 253
server: cloudflare
cf-ray: 773bdd79cf5d98f0-ARN
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lite-1x36781678.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137
178.253.14.166 200 OK 0 B URL HTTP/2 lite-1x36781678.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x36781678.top/us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
Cookie: platform_type=desktop; auid=sv0OpmOLLv0ljCIrBAkFAg==; SESSION=af027fb3e4230dbd96136cfdb01015fb; lng=us; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder; postback_watcher=%7B%22tag%22%3A%22d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder%22%2C%22pb%22%3A%224af4bf2b69b04f5484545de344ba50ee%22%2C%22click_id%22%3A%224c763cd0-72fb-11ed-9b96-4db66faecdb3%22%7D; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 11:12:03 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=165, dt_285;dur=167
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x36781678.top/?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
178.253.14.166 302 Found 0 B URL HTTP/2 lite-1x36781678.top/?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
IP 178.253.14.166:0
Analyzer Verdict Alert quad9 Sinkholed
GET /?tag=d_42282m_22583c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3 HTTP/1.1
Host: lite-1x36781678.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://luckyforbet.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
date: Sat, 03 Dec 2022 11:11:57 GMT
location: /us?tag=d_42282m_22583c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D_d27775_l16418_clickunder&pb=4af4bf2b69b04f5484545de344ba50ee&click_id=4c763cd0-72fb-11ed-9b96-4db66faecdb3
reason-v3: empty_lang
server-timing: total;dur=82;desc="Nuxt Server Time", dt_285;dur=113
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 06 Dec 2022 11:11:57 GMT
auid=sv0OpmOLLv0ljCIrBAkFAg==; expires=Sun, 03-Dec-23 11:11:57 GMT; path=/
X-Firefox-Spdy: h2