lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
178.253.14.164 301 Moved Permanently 162 B URL HTTP/1.1 lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP 178.253.14.164:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert quad9 Sinkholed
GET /us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 04:10:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10062
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:38 GMT
Last-Modified: Mon, 28 Nov 2022 02:52:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8761
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 03:19:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3067
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 1545
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b42002337f07dfcb0f18ba3c65c307ec
a9ff67aad0dd206a816e8d4a5cf4939c6785f01b
f7e2680f00eab605df14d421305322dd4f79f2e5910fc55d8f8d700e6830829d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E2680F00EAB605DF14D421305322DD4F79F2E5910FC55D8F8D700E6830829D"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10617
Expires: Mon, 28 Nov 2022 07:07:35 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 03:11:12 GMT
cache-control: public,max-age=3600
age: 3566
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4287
Cache-Control: max-age=108460
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:18:19 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
142.250.74.10 200 OK 2.2 kB URL HTTP/2 fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP 142.250.74.10:0
Hash eb929cb635515b60adc09bd0570df0ef
045ba79e263c623d799c48e6c65d6a981b4f64cb
d837f8675302f107945e88f7b564d8e2f453bb544f040eb9e47b3f67de9df345
GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 04:10:39 GMT
date: Mon, 28 Nov 2022 04:10:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x86926289.top/static-promotion/2547d7e.modern.js
178.253.14.164 200 OK 4.5 kB URL HTTP/2 lite-1x86926289.top/static-promotion/2547d7e.modern.js
IP 178.253.14.164:0
File type ASCII text, with very long lines (8450), with no line terminators
Hash be48c9d2aed2aae123785bee4d5d1809
93bcd602282d864208fc7c75d657d4e08ed0ed1a
8f112ba0b4284d636916b5c004efce1da374a925d466fa08f227db3717d11213
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/2547d7e.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 4504
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-1198"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/static-promotion/43014a8.modern.js
178.253.14.164 200 OK 80 kB URL HTTP/2 lite-1x86926289.top/static-promotion/43014a8.modern.js
IP 178.253.14.164:0
File type ASCII text, with very long lines (65485)
Hash f2ff4b220c7fb76b7f0dbee278b1bd5a
11a444a7dd2255ae88dd5e9fa65dfda1d63ecc2c
5798ce52fb6419d27e804d9df7cb4b6ce15128aac862b21f09420d93666fe34f
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/43014a8.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 80493
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-13a6d"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/static-promotion/2c17dbf.modern.js
178.253.14.164 200 OK 100 kB URL HTTP/2 lite-1x86926289.top/static-promotion/2c17dbf.modern.js
IP 178.253.14.164:0
File type Unicode text, UTF-8 text, with very long lines (65405)
Hash 63655f20282fe8dd39aef2624ce8559e
bd5514f692ac64b0ba95b53cbbe020810d5ec990
01c074c719613a4c27967fd1b370739a8733888095d17dbef92f228afde17f5a
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/2c17dbf.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 99499
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-184ab"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/static-promotion/009bd2a.modern.js
178.253.14.164 200 OK 130 kB URL HTTP/2 lite-1x86926289.top/static-promotion/009bd2a.modern.js
IP 178.253.14.164:0
File type Unicode text, UTF-8 text, with very long lines (64918), with no line terminators
Size 130 kB (130403 bytes)
Hash 7cf7f0ac4b4abc102965d67df2737bb1
95a9abc66a6f1a33536dc5f1ba67313709a77157
758296e9a905844be4f36874ac505187ef20242969e9ed213359e2b19d4baaae
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/009bd2a.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 130403
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-1fd63"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.167.231.108 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.167.231.108:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3P/E6gMuJ4cNLbv+2nuLaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NI3nxVSLzwB862F8c9Kv9zwKwJM=
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1a19b512-OSL
v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js
8.247.218.250 200 OK 533 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 533 kB (533300 bytes)
Hash fee06e1b75894be84a0f889b7e45c87f
3b814d62efaad007a466f5124dd6a6b2f5b10b1b
dc0b5efbb99d403aa349da823f17b903e8e4b9cd6db002a3930c2838870a762a
GET /_nuxt/desktop/default/265bc171.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 533300
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-82334"
expires: Mon, 28 Nov 2022 08:44:57 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 69943
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/6f22b392.css
8.247.218.250 200 OK 217 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/6f22b392.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (408), with no line terminators
Hash 2919a82ca1101572edf5510b83ab9804
6a276686d4a07a24347e3287f74824d17c200856
6fa9791ee17a6e3546381e4df7a59fc62b17fd0eec052a61e88d60c18ad85f08
GET /_nuxt/desktop/default/css/6f22b392.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 217
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-d9"
expires: Mon, 28 Nov 2022 08:32:17 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70702
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
8.247.218.250 200 OK 698 B URL HTTP/2 v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP 8.247.218.250:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335
GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Mon, 28 Nov 2022 04:08:40 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 240
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/8c439d72.css
8.247.218.250 200 OK 49 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/8c439d72.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 3e873710ef49cd86bb7fcad31400b810
2ad2afd41cd45cdb28412fb3f06f03ad9f156e59
a0131225a6e64e48ad62e143cf6c8a41cf6f05f05ec9b03185cd311c2805bb13
GET /_nuxt/desktop/default/css/8c439d72.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 48550
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-bda6"
expires: Mon, 28 Nov 2022 08:28:59 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70901
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js
8.247.218.250 200 OK 660 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (65479)
Size 660 kB (660314 bytes)
Hash d566542baef88a2f9a51f5a8186de5bb
1465b129e62ace12856c835cc4a8f3676b82b7ea
0eb01ed460f954cc5474f04258d8c6c36256ea06cb47365159cd8a57ef1a6741
GET /_nuxt/desktop/default/95bde23c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 660314
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-a135a"
expires: Mon, 28 Nov 2022 09:23:27 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js
8.247.218.250 200 OK 1.8 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (4622), with no line terminators
Hash 0c087d2b530f536f7ef18543abe42152
97fdcb15aeba8ad5983c7cd587fcd942be0b2995
6d53ca0fea85d37f8dea0683e55101d435b51eae4edbf7f103153988c9fcd374
GET /_nuxt/desktop/default/12df164d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 1823
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-71f"
expires: Mon, 28 Nov 2022 12:15:29 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57310
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1b520b06-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1d35b523-OSL
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d19440b3d-OSL
v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js
8.247.218.250 200 OK 93 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js
IP 8.247.218.250:0
File type Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (65466)
Hash b28624baf16e9233cc758e307d9f6ca2
cbef4dfe30c4af52b64bfde1cb4b2b6b02895a20
b853cdd13e13b38861c0ba12f2d54a4437c83ea9e480060f432c8413583f82eb
GET /_nuxt/desktop/default/d4b35b6a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 93447
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-16d07"
expires: Mon, 28 Nov 2022 09:23:27 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1ed9b509-OSL
v3.traincdn.com/_nuxt/desktop/default/css/4859ddb3.css
8.247.218.250 200 OK 84 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/4859ddb3.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8221793c110e14a0e1cfbb52f1ef36db
7aafe0364ba395958f922f8fc6cb88729da341e5
99615c2de27fc399156c626254c3a4d94d2c2a9179ee4c157fe1ed14b19fe301
GET /_nuxt/desktop/default/css/4859ddb3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 84417
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-149c1"
expires: Mon, 28 Nov 2022 09:23:30 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js
8.247.218.250 200 OK 6.6 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (17080), with no line terminators
Hash dac3acea98b75cc5eee2c7746964cf02
74be6789f1989c1f2ffbc3ec80cd622a30d59ab6
420906a7db3c30c4f655d450163812c104e37243a5204afb5a61c2c6b87e0a9a
GET /_nuxt/desktop/default/02b93193.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 6567
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-19a7"
expires: Mon, 28 Nov 2022 09:23:30 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/version.json
8.247.218.250 200 OK 44 B URL HTTP/2 v3.traincdn.com/version.json
IP 8.247.218.250:0
Hash 72331dc68cc4aec9403a486e263714fd
d8821982075adaadce50f07910d58bcce40c5129
462dcdf9735f2c52810899a254158e8a16310f4fbef49b89599897fc7cdc155d
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63832023-2c"
expires: Mon, 28 Nov 2022 04:10:42 GMT
last-modified: Sun, 27 Nov 2022 08:30:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 376591
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 396187
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 379010
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x86926289.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
178.253.14.164 200 OK 352 B URL HTTP/2 lite-1x86926289.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP 178.253.14.164:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78
Analyzer / Verdict / Alert: quad9 — Sinkholed
GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pyXmSrIJ5ookfmhWY2xPXv374JfY2fFkcgiz5q8iFpWV4Rm0f0zXtg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 22776
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
34.120.237.76 200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m5GSRli35fewn4l-k0jyFEcru1VKJlDYddCrLEpp5YiQwaLXsXsQDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:23 GMT
age: 22097
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:20:34 GMT
age: 21006
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -DsRBfO-yxwm29z7mDDNkK69aQb_fpEzVY0vuVUWZrx6-aubx7a3YA==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:39:44 GMT
age: 73856
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpU6HS6f0BpRceJVfwhBhOgKMTMvdMZj4ST9DMATiqfA10pNplyPtQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 22776
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 22164
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x86926289.top/_nuxt/desktop/default/css/6f22b392.css
178.253.14.164 200 OK 217 B URL HTTP/2 lite-1x86926289.top/_nuxt/desktop/default/css/6f22b392.css
IP 178.253.14.164:0
File type ASCII text, with very long lines (408), with no line terminators
Hash 7daedfd2e5d51a6d32dad0ebc8670b9b
8188bcb32337c1db47695dd3fd1df0ad2710ce91
bb735f470af34179f2b18d7c55ea895ce7e5595a64f67e98fcbd169176b33745
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/desktop/default/css/6f22b392.css HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
vary: Accept-Encoding
etag: "63831f02-d9"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:40 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328
178.253.14.164 200 OK 145 B URL HTTP/2 lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/pwa
178.253.14.164 200 OK 15 B IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
Analyzer Verdict Alert quad9 Sinkholed
GET /pwa HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js
8.247.218.250 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (2510), with no line terminators
Hash 776645d2326a07da88bdde59af23c88d
34c041c3ab883d227b2e4d6a7563a2d231ad8a8f
232ed4d24c5fdb317230eee2ec2a46986002e6972a86a2ba757d8b6b5645a3a1
GET /_nuxt/desktop/default/abf3835a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 1083
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-43b"
expires: Mon, 28 Nov 2022 12:12:44 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-178408567-1
142.250.74.168 200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash b78f4533b0315655ab14bfd6972ae7a6
331175020299838620f6d091c79ab0c8c0a44377
5f548e14ba75b3253cf5751d87b6e5928d01ad4f16fb834f3dbc76122f9c0bfc
GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:10:41 GMT
expires: Mon, 28 Nov 2022 04:10:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x86926289.top/version.json?timestamp=1669608640522
178.253.14.164 200 OK 44 B URL HTTP/2 lite-1x86926289.top/version.json?timestamp=1669608640522
IP 178.253.14.164:0
Hash 72331dc68cc4aec9403a486e263714fd
d8821982075adaadce50f07910d58bcce40c5129
462dcdf9735f2c52810899a254158e8a16310f4fbef49b89599897fc7cdc155d
Analyzer Verdict Alert quad9 Sinkholed
GET /version.json?timestamp=1669608640522 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
content-length: 44
last-modified: Sun, 27 Nov 2022 08:30:27 GMT
vary: Accept-Encoding
etag: "63832023-2c"
content-encoding: gzip
expires: Mon, 28 Nov 2022 04:11:41 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
radar.cedexis.com/1593429750/radar.js
45.54.49.5 200 OK 19 kB URL HTTP/1.1 radar.cedexis.com/1593429750/radar.js
IP 45.54.49.5:0
ASN #63911 NetActuate, Inc
File type ASCII text, with very long lines (1782)
Hash 2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595
GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Mon, 12 Dec 2022 04:10:41 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
lite-1x86926289.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
178.253.14.164 200 OK 41 kB URL HTTP/2 lite-1x86926289.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
IP 178.253.14.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 99a829e8a772aad078540e0f077c1e40
d15d0e736b9082445b64a64dc45dd3000c7912e0
993175bba9fe17eedf7edb260e2da91fd9244e7e1302b192de5c0bd500d4331c
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
etag: W/"63831f02-196ca"
expires: Mon, 28 Nov 2022 23:43:51 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
8.247.218.250 200 OK 454 B URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP 8.247.218.250:0
File type ASCII text, with very long lines (1429), with no line terminators
Hash 38ab8312925719bbf27c9f9ce1acf908
e1bad84acb2e6396a4e55fdbd8e58727ccdb444f
f79ed2de7ff2155a501cad024d7a47fd85996f9403cefc8088300718fdbf090d
GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-1c6"
expires: Mon, 28 Nov 2022 08:29:07 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70896
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg
178.253.14.164 200 OK 9.2 kB URL HTTP/2 lite-1x86926289.top/_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg
IP 178.253.14.164:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (18547), with no line terminators
Hash 468ccec3e070064da1408049cdf082c6
a861f24b3d29e0538a16bfe67cc4dd36ade06bcd
ce501973dba779bc899663dfbdfa7d8cff2cc958e70b86573dc55c909b44d84e
Analyzer Verdict Alert quad9 Sinkholed
GET /_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 27 Nov 2022 08:22:21 GMT
etag: W/"63831e3d-4873"
expires: Mon, 28 Nov 2022 16:58:25 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js
8.247.218.250 200 OK 17 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (41008), with NEL line terminators
Hash 646526cb77d985135898799955da04a3
0c6f345e1cce13c2084204b9eec16bb2ee3ba509
8b3d80e4982430d135192cd8aa7f18c0c81c48b77c2d9f05ffd8551dc7b57b84
GET /_nuxt/desktop/default/e7ea6c61.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 16803
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-41a3"
expires: Mon, 28 Nov 2022 12:12:45 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js
8.247.218.250 200 OK 3.9 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (17802), with no line terminators
Hash e3f81cc800c5cd212c1cbea67575fdbc
eadc125cf0dbf93bfe7d7d99bdc647097e40bb1d
a9eb7f8b3282694637a51cfe126761a5117af65357532d46d67851ee661024f1
GET /_nuxt/desktop/default/96e6ff21.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 3905
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-f41"
expires: Mon, 28 Nov 2022 12:12:45 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
216.58.207.195 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:49 GMT
expires: Fri, 24 Nov 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 337852
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js
8.247.218.250 200 OK 1.1 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (2451), with no line terminators
Hash b3891985de1832945a87c1ab8db6c71e
527836872393c1e10db39fdcde5925dc99948085
9ca8d26c24145db4e4d847140ccf7117a41a6a10030c5116aa46a2ab1aaf031f
GET /_nuxt/desktop/default/f0cdb63c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 1061
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-425"
expires: Mon, 28 Nov 2022 09:23:49 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67613
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/domain-api/api/v1/domains/lite-1x86926289.top
178.253.14.164 200 OK 86 B URL HTTP/2 lite-1x86926289.top/domain-api/api/v1/domains/lite-1x86926289.top
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 6cfdac3a8d33b2508c9406e2ab1f3b5c
e3ac8dd93bdb3e0740eaaf7c20ce1ed4832bd8ed
af551b631c9a3990820bad4fee5ddc2e7ce66907c2e798347b77ba2a4935f02a
Analyzer Verdict Alert quad9 Sinkholed
GET /domain-api/api/v1/domains/lite-1x86926289.top HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/vnd.api+json
content-length: 86
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js
8.247.218.250 200 OK 5.4 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js
IP 8.247.218.250:0
File type ASCII text, with very long lines (13517), with no line terminators
Hash 8cae159105c530eae2abc3d0e2886fe5
41e5028961e12aa601e5e84bc348dbdcdf4bdd27
31c64d32adf4c1368837e40aa2d54874ef3550c38b9fce5b5a16715c678432c8
GET /_nuxt/desktop/default/390ec237.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 5378
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-1502"
expires: Mon, 28 Nov 2022 09:24:10 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67597
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/b0ff0115.modern.js
8.247.218.250 200 OK 26 kB URL HTTP/2 v3.traincdn.com/_nuxt/desktop/default/b0ff0115.modern.js
IP 8.247.218.250:0
File type Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Hash b37cdeceb55e4e0c1d5f1c3dcffd5ae5
f999b330840129d7f4cc1db45d310c3b0c30fd36
7d58c82cf8be3c37bbbf3d0117a8ff201afef6718ebd52771e5787f45c224d85
GET /_nuxt/desktop/default/b0ff0115.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 26112
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-6600"
expires: Mon, 28 Nov 2022 09:23:44 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67622
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us
178.253.14.164 200 OK 38 B URL HTTP/2 lite-1x86926289.top/frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 7e5f0649cceedb563f3037fcd2dc2629
e274dd8ff75b14d8b7d2d86cea5b8bc415de58ac
cc2d7c3416bb5bbb515f151fbf694edbc44b497fca10f87b61fb31ab0b43a548
Analyzer Verdict Alert quad9 Sinkholed
GET /frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json; charset=utf-8
content-length: 38
access-control-allow-origin: *
etag: W/"26-4nTdj/dbFNi30ths6luLxBXeWKw"
server-timing: requestTime; dur=39.248805999999995; desc="req_t", renderTime; dur=39.255395; desc="rend_t", total; dur=39.765367999999995; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/checker/redirect/stat/run/
178.253.14.164 200 OK 49 B URL HTTP/2 lite-1x86926289.top/checker/redirect/stat/run/
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20
Analyzer Verdict Alert quad9 Sinkholed
GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/getColorTheme
178.253.14.164 200 OK 15 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/getColorTheme
IP 178.253.14.164:0
Hash 830072e159519c1f86ce31609df94ac7
7f6a06990d5eaafc19b8b48e54fb96a92d943405
6148a52552e442e034f5a5f5c46d8019ef6a6189d059d3d057decb93401e6895
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=46, dt_285;dur=754
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
8.247.218.250 200 OK 8.1 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP 8.247.218.250:0
File type PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Hash d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8
GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
178.253.14.164 200 OK 19 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.164:0
Hash 612bd9c1a38a890da47e0b23d57fbb45
807d9d32328d729a4c7530e375a869aebd3b560c
99d98bf916fb9cdd1532c9633c35832b9e7eb05e9038753db22c241dadebcb95
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=45, dt_285;dur=47
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
178.253.14.164 200 OK 34 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
IP 178.253.14.164:0
Hash 2d8bee35fdd3accdd126b80e12535494
07c7519f24a522d41763db3e7a013f8f02ada641
4e6ff2efd96a93be1f681964e1abfa153d3ef31203fe3fd0ae94894a94a5ec4f
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=49, dt_285;dur=54
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
8.247.218.250 200 OK 168 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP 8.247.218.250:0
File type PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size 168 kB (168437 bytes)
Hash 514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942
GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Mon, 28 Nov 2022 04:11:56 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 66
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
8.247.218.250 200 OK 119 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP 8.247.218.250:0
File type PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size 119 kB (119254 bytes)
Hash 0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b
GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Mon, 28 Nov 2022 04:07:50 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 292
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png
8.247.218.250 200 OK 4.8 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png
IP 8.247.218.250:0
File type PNG image data, 300 x 333, 8-bit colormap, non-interlaced\012- data
Hash a5890bc0bcaec72aa20c8aff34d9b780
5838db8aa1e45633a318302673e01b096f6a94d9
5b67017abd98aa5a6fe3c86aa2f74ef39ac53a6067aa4d9515f413813bd16857
GET /genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 4787
cache-control: public, max-age=120, s-maxage=600
etag: "a5890bc0bcaec72aa20c8aff34d9b780"
expires: Mon, 28 Nov 2022 04:07:28 GMT
last-modified: Fri, 28 Oct 2022 09:52:52 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 313
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
8.247.218.250 200 OK 9.9 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP 8.247.218.250:0
File type PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Hash c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967
GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
8.247.218.250 200 OK 7.4 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP 8.247.218.250:0
File type PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Hash 8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd
GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
8.247.218.250 200 OK 149 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP 8.247.218.250:0
File type PNG image data, 2187 x 3222, 8-bit/color RGBA, non-interlaced\012- data
Size 149 kB (149244 bytes)
Hash ab837a9cb89291146ad8b371c052fe8d
bf89d8ec4fa8ac43004ceb74bd49199aa3436ca2
14a017c6bf332ef819755c66546f9847b291c056239bc0289d92063fcd17648b
GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/169.svg
8.247.218.250 200 OK 72 kB URL HTTP/2 v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/169.svg
IP 8.247.218.250:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (34355)
Hash 652a248846360cfc753157ac135e3833
546906b1e3df5ce7a3adefd3fcc937e20be9c3d2
10ccd9e4e374dbd44ba53c31bc581f964075da48cb728a07256e13839d8cc5b5
GET /sfiles/games-images/ico-logo/white/desk/169.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
content-length: 72004
cache-control: max-age=86400
content-encoding: gzip
etag: W/"f6505dc3eba72dc86dd6f5d3ad3783e6"
expires: Mon, 28 Nov 2022 14:21:34 GMT
last-modified: Wed, 16 Nov 2022 15:19:41 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-meta-origin-date-iso8601: 2022-11-16T14:16:25.000Z
age: 49763
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
8.247.218.250 200 OK 15 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP 8.247.218.250:0
File type PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Hash 70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a
GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Mon, 28 Nov 2022 04:07:50 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 292
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
8.247.218.250 200 OK 169 kB URL HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP 8.247.218.250:0
File type PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size 169 kB (169025 bytes)
Hash ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e
GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Mon, 28 Nov 2022 04:12:41 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 329
accept-ranges: bytes
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 02:41:08 GMT
expires: Mon, 28 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5373
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411
178.253.14.164 200 OK 145 B URL HTTP/2 lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/api/internal/v1/proof_of_age
178.253.14.164 204 No Content 0 B URL HTTP/2 lite-1x86926289.top/web-api/api/internal/v1/proof_of_age
IP 178.253.14.164:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
cache-control: no-cache, private
server-timing: p;dur=43, dt_285;dur=49
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254
142.251.1.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254
IP 142.251.1.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lite-1x86926289.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 04:10:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lite-1x86926289.top/web-api/external-api/config/all
178.253.14.164 200 OK 8.8 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/config/all
IP 178.253.14.164:0
File type Unicode text, UTF-8 text, with very long lines (36947), with no line terminators
Hash 8c9e4c803af0b981a9b533799249f761
f05803b4229b42683ff78a11fe0643a7ba8c5cb1
286596edfdd1e8b2d15b22735245cca1347eb2da7780cbd96b43857ce55a4b49
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=62, dt_285;dur=65
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://lite-1x86926289.top
date: Mon, 28 Nov 2022 04:10:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json
178.253.14.164 200 OK 492 B URL HTTP/2 lite-1x86926289.top/genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with very long lines (492), with no line terminators
Hash 39b2956fc0ad88842ccc08dce259606a
22169406f6747850a35eb0e03f883064074cd0a2
d921e7d4b9d5dc184dacf399f6d8d84b86f33fa3ff41368bbc3c469c22743cf8
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json; charset=utf-8
content-length: 492
last-modified: Sun, 27 Nov 2022 10:06:15 GMT
x-rgw-object-type: Normal
etag: "39b2956fc0ad88842ccc08dce259606a"
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/config/getLangs
178.253.14.164 200 OK 2.4 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/config/getLangs
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with very long lines (6941), with no line terminators
Hash 3734c256a68a0986eb72f600faa1de18
a39539031421edff7ce47cba9707f5d959e8d97a
11c75e73c4957208d6fd7bfc6bca0ec14c97ae3411063610af1dc8bdff50ae6a
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=20, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 804c3c01e04e197bd1d791fe74b88dd5
0f698d6b7287661d5d5592e8c1ecbe005c45e145
4fb61747af6f8a35c3ff7ffd36fcf8c6b687ac74cfd2f42c45a1a64e4c382b45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1277
Cache-Control: max-age=111915
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:43 GMT
Etag: "638341f1-116"
Expires: Tue, 29 Nov 2022 11:15:58 GMT
Last-Modified: Sun, 27 Nov 2022 10:54:41 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 804c3c01e04e197bd1d791fe74b88dd5
0f698d6b7287661d5d5592e8c1ecbe005c45e145
4fb61747af6f8a35c3ff7ffd36fcf8c6b687ac74cfd2f42c45a1a64e4c382b45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1277
Cache-Control: max-age=111915
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:43 GMT
Etag: "638341f1-116"
Expires: Tue, 29 Nov 2022 11:15:58 GMT
Last-Modified: Sun, 27 Nov 2022 10:54:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278
lite-1x86926289.top/web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1
178.253.14.164 200 OK 5.8 kB URL HTTP/2 lite-1x86926289.top/web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1
IP 178.253.14.164:0
File type JSON data\012- , ASCII text, with very long lines (27258), with no line terminators
Hash 8a988e9ce0773da4faead0e7f0df1086
f6a7817c48d0b08d6d08162d167c460bd6c57cb4
c7764f229c76a326626c0030ab22239c88a63ae328dc3c4378db13d900ad641a
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=153, dt_285;dur=154
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/getColorTheme
178.253.14.164 200 OK 5.1 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/getColorTheme
IP 178.253.14.164:0
Hash 12c4276ee498dd51f940fc1f9adf1785
fbc6c394ec893049766c5d6f0fc1fbdd38387af6
e4cf8c2044cfc59a7601eb936fb9d216e9840f70f679da3e03628d01ba4163fa
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=37
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg
178.253.14.164 200 OK 213 kB URL HTTP/2 lite-1x86926289.top/genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg
IP 178.253.14.164:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x960, components 3\012- data
Size 213 kB (213335 bytes)
Hash 5bc5c598ad0496b414449329bd96c894
e4ef3956711d1f70af92264218d3644211a656d1
0e5b7015215ce7efeeaf7265679087cc7255747764d6d66d0ad21d2a05d93a92
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/jpg
content-length: 213335
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "5bc5c598ad0496b414449329bd96c894"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png
178.253.14.164 200 OK 1.6 kB URL HTTP/2 lite-1x86926289.top/genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png
IP 178.253.14.164:0
File type PNG image data, 68 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash 2f002d83a39c0006f16d56c0299716ed
43e07f06140060cdfe0a3e6fcb89d7c6bbb7b5d3
7bd8249d406a4619ad5be8b919ba4a5072300ddf0dc3f3b1632d4d9664b0e341
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 1631
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "2f002d83a39c0006f16d56c0299716ed"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png
178.253.14.164 200 OK 2.3 kB URL HTTP/2 lite-1x86926289.top/genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png
IP 178.253.14.164:0
File type PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Hash 1af84ad0257f8dd762719dc38067f600
9007c4e66ec90171179a4d32810047f9103f7fc8
00a3719f93f2e7a32e9c44d0bba2177c10f39164bc616c84145951723b2bf8e3
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 2320
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "1af84ad0257f8dd762719dc38067f600"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png
178.253.14.164 200 OK 3.7 kB URL HTTP/2 lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png
IP 178.253.14.164:0
File type PNG image data, 69 x 76, 8-bit colormap, non-interlaced\012- data
Hash b12826d25ed15e1d17a187b9c15960fe
cb181377448ab5925dd549ccb7ed570f92dfe69f
57b4ed9dfcb5bb2787b1bc71bc6c7795e15ac52c9cc811f70046797b4ae63c4f
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 3728
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "b12826d25ed15e1d17a187b9c15960fe"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png
178.253.14.164 200 OK 2.8 kB URL HTTP/2 lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png
IP 178.253.14.164:0
File type PNG image data, 77 x 80, 8-bit colormap, non-interlaced\012- data
Hash 64bd2abaa6fb6fbe0a195955f684de79
192d8248e7c81840401e3e1567049c45bd34dba7
5a5ed431d157bbe2d84d51dc795605b10d4b8920bb754e815d36c14a54f000ad
Analyzer Verdict Alert quad9 Sinkholed
GET /genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 2809
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "64bd2abaa6fb6fbe0a195955f684de79"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137
178.253.14.164 200 OK 46 kB URL HTTP/2 lite-1x86926289.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137
IP 178.253.14.164:0
Hash 55fb5e87d8db13bd6fdd603a15621e32
4bbc484504a1b0cf96dc287938a7e11606937041
7f0cc8fc4b8ccc1d9b1f8c6682606040a33863ad854f784b69f0fd376c8310b6
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=96, dt_285;dur=98
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/static-promotion/img/info_one_2.0953b4a.png
178.253.14.164 200 OK 84 kB URL HTTP/2 lite-1x86926289.top/static-promotion/img/info_one_2.0953b4a.png
IP 178.253.14.164:0
File type PNG image data, 725 x 645, 8-bit/color RGBA, non-interlaced\012- data
Hash ae2439f89e885326af7b19a25a88abc2
02a368a0c0c7a66870d40dd6321209b93c38f745
12583aa385542195dc44716d31f39c4f5fb95577584c30e398366edc7d137bfe
Analyzer Verdict Alert quad9 Sinkholed
GET /static-promotion/img/info_one_2.0953b4a.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 84546
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
etag: "63821ab2-14a42"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2
lite-1x86926289.top/translation-api/by-lang/us
178.253.14.164 200 OK 71 kB URL HTTP/2 lite-1x86926289.top/translation-api/by-lang/us
IP 178.253.14.164:0
Hash 6fff7912821e3415f7deee8404a20ae1
67f284e057865f7f1e1a58d3f2f5606050d34b43
ca21235c0a8cb97495d3de6bc0ededc7b12788aa93ab9c5ce7e058a8c753bc90
Analyzer Verdict Alert quad9 Sinkholed
GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 300ba2bd11eefb4b5b9ba5b9d56c6cca
55c9d2899b16945f329d0dacc021161038629988
a866abff0b6b5c6ed6758f1208f106d8f00c7f16fa07f2a676301cce8301e964
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4254
x-amzn-requestid: 9c63d2a1-e805-4114-8875-fc1dc022c047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHopoAMFq0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-395ca7b76b364c11172fbdd6;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tFKbj-Jui_NW_73l_-W1Ja9sHqNKCSA3P8O3IZR38idkSAACjsnIMw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:49 GMT
etag: "55c9d2899b16945f329d0dacc021161038629988"
content-type: image/jpeg
age: 22438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
178.253.14.164 200 OK 0 B URL HTTP/2 lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP 178.253.14.164:0
Analyzer Verdict Alert quad9 Sinkholed
GET /us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=495;desc="Nuxt Server Time", dt_285;dur=502
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 01 Dec 2022 04:10:38 GMT
SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
auid=sv0OpGOENL+Xqoj4BDXLAg==; expires=Tue, 28-Nov-23 04:10:39 GMT; path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/api/converslon/load
178.253.14.164 200 OK 0 B URL HTTP/2 lite-1x86926289.top/web-api/api/converslon/load
IP 178.253.14.164:0
Analyzer Verdict Alert quad9 Sinkholed
GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/external-api/config/all
178.253.14.164 200 OK 0 B URL HTTP/2 lite-1x86926289.top/web-api/external-api/config/all
IP 178.253.14.164:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=70, dt_285;dur=73
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
178.253.14.164 200 OK 0 B URL HTTP/2 lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP 178.253.14.164:0
Analyzer Verdict Alert quad9 Sinkholed
GET /promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "130d-ufE1HZAKlvtuN9B7jrneLvpL/Z8"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
lite-1x86926289.top/web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03
178.253.14.164 200 OK 0 B URL HTTP/2 lite-1x86926289.top/web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03
IP 178.253.14.164:0
Analyzer Verdict Alert quad9 Sinkholed
POST /web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x86926289.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2