Report - lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45

Report Overview

Submitted URL
lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP
178.253.14.164
ASN
#0
Submitted
2022-11-28 04:10:51
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
76

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	6.3 kB	142.250.74.35
lite-1x86926289.top	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	28 kB	896 kB	178.253.14.164
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.8 kB	104.18.32.68
v3.traincdn.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	2.2 MB	8.247.218.250
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	61 kB	216.58.207.195
radar.cedexis.com	3035	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	19 kB	45.54.49.5
region1.google-analytics.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	751 B	566 B	216.239.34.36
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.36.77.32
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	574 B	2.9 kB	142.250.74.10
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.8 kB	59 kB	34.120.237.76
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	389 B	45 kB	142.250.74.168
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	615 B	711 B	142.251.1.155
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	21 kB	142.250.74.174
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.167.231.108

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed
2022-11-28	medium	lite-1x86926289.top	Sinkholed

JavaScript (35)

	URL	Size	First Seen	Last Seen
	lite-1x86926289.top/static-promotion/009bd2a.modern.js	428 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/009bd2a.modern.js IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash dad2f4feecedd005baa262d68bfb70db db81ad6bac72e53e25d406dd8a8a357342a0b385 4aa25f7a433411af2002b3dfa6cd578b79bcad03fa4c60f7266efd49ddd9a313 Loading...

	lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1	702 B	2023-03-07	2024-02-05
Pretty URL lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2024-02-05 23:23:56 Times Seen126 Hash 0e9165fb92460d96f7a0649386dcdffb 549e55d2990816b5e4d699c35d1ad56a33a1a341 8f732e0ef5d47fa6d56dbe1311a218b659fddc0e57c7b1f7e8240cce6d88d984 Loading...

	www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1591737896.1669608642	112 kB	2023-03-11	2023-03-11
Pretty URL www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=1591737896.1669608642 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 8eac7b506e5a056c3dc2a6b20f7377dc f8ab20319eb5ee740194ab869351b4cbb3b23d28 f4e6b13a9d4f43a67db17e4bbc6a8e7cebeb3af5c5f442b72e214b8fa07f855f Loading...

	lite-1x86926289.top/static-promotion/2547d7e.modern.js	8.5 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/2547d7e.modern.js IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 94f3d17b9af0dcda6d7a3281f3a223fb e85b5d6de33ea64b25428210d7cb87a5ff30930b ae380ac6db2ed4e38377ad9810b0d687542a375accb10d4332a3eebfa2e5d20d Loading...

	lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1	407 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 2d967b2e0d68f643134a594c69f371ad 4ecd03526914c0478e661e8f13130a680d7034a5 e3daea2be50cc6753c13037de20327f3211c79ff5ca080d72a2b1167b22cbbab Loading...

	v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js	17 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 5027e4c9e2944b835e64ff5e1306108d 82d9a01b09a3b28edf2c55302a245d8a1dc60267 58aeaf69029509baacf8e188a194fd70d33fd11c47b8230c14e622c7348064b0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js	18 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 03522ff1306d8974c04c65eece51f377 bc316428ca6a08cc3f63f23bf9719303c7b069be eaf67311c3977d5248d60fa91ee6839bf686d408a413feb32e426c18867673f3 Loading...

	suphelper.com/widget/injector.js	168 kB	2023-03-11	2023-03-11
Pretty URL suphelper.com/widget/injector.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:58:44 Last Seen2023-03-11 22:51:57 Times Seen1 Hash efe5d648183e284df4b22ee9c120c12c 96177d14c79d51a40f7cc324f1829e2a52a5822d 0e93bf8938b4faa8eb5b2fbd2f829ab53879d6dc6ba80193a60e5ba3f2b89d75 Loading...

	suphelper.com/widget/?build=1669130757429&lang=en-GB&langInited=true&opener=full	441 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1669130757429&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:10 Times Seen1475 Hash 562c0a945070f06a208058106238c55f c5b09a8a2efe65342f36dfe49c26b717eeed82de e98fce7d083f719412d5e10b42e777b4bd0c7bf4b83e2a151de5500bd044f2cb Loading...

	suphelper.com/widget/public/chunk.c7f2071bff54c609374c.js	1.4 MB	2023-03-08	2023-03-11
Pretty URL suphelper.com/widget/public/chunk.c7f2071bff54c609374c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:08:24 Last Seen2023-03-11 22:51:56 Times Seen1 Hash a55c78318cabcdfeba37cae1eb353d01 d22bae57a43f9d04b65469de5aed8593aea4169f 26a419068988a09fdc27125c23fbd523cdfa0c611474e3dc6841d91e53115961 Loading...

	lite-1x86926289.top/static-promotion/43014a8.modern.js	236 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/43014a8.modern.js IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash c53424b2cebaa2f2ef9de9d1138827ce dc04ac85a793898a6810e1276426963fadf1125e 5d4f22f10a66cde5f173e6a5f0479c604a47058d973fd5ef138f9d1d98b9eb68 Loading...

	lite-1x86926289.top/static-promotion/2c17dbf.modern.js	362 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/2c17dbf.modern.js IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 44b1119cfb5da4d17dd51c815c64fbc8 1be9e53349982f241bd723000a2eb6c74df69a7d f9c5a811f4ea3d6e2b44f9ee2ec6f98752f0a908b1906bd1a191ac7ec06c1685 Loading...

	lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1	313 B	2023-03-07	2023-04-01
Pretty URL lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2023-04-01 10:25:04 Times Seen15 Hash 494ab8c88e9a8cfd9aa511a663c925c6 4816e303ad4a09ef00d54305b7b9e2e51c9bff4e 9de249453f6780a3274d7fae16d04d230aa9a5b70b57c7d094bbd764ceb8cf4e Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-05-05
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-05-05 19:10:17 Times Seen1641 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c	236 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 83ff682f68cad6130f20917a60320462 1e9e1fa5f4e75fab975855617e20465edcad0ec0 463423b953002f8c5ffa7cf8992515fd6368cff0102fe62045683f1786152450 Loading...

	lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1	414 B	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash e6eeb907f34865d5a9c8fcafbb07ffd7 b356a87a374f7af02b227a8fb08e342893fb9a91 94acfa13ada90fcfd28ffcd4b6ed07f9fc3b07397deceb3963178682292d9100 Loading...

	v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js	4.6 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash fe1925cafd7011ddac9f17bba5fd41c3 fcad90f78f93391c23bb12cfa18af7a3e833c709 0e25526ccc8295a5743f093f30b94f9627992259188b52b0c0ccc3877f7c8b1b Loading...

	v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js	2.5 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 05bbb9b5d4771a6520a16014e124011e 80b4ccf8b9a5133f4bce83f4d35c6b56017d953d 47fa50a570c72b0af36e36eb3bdc4e0b20bd75632a97c5d9611edae985fbd693 Loading...

	v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js	14 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:04 Last Seen2023-03-11 21:52:06 Times Seen1 Hash a329e2a08e854a21895eb0847dc3f806 d6112168c1da430baf4f83d9d4126588b608b363 b2abb0fe9c1754a31b220c31c40d3eeeb3a411fd547425eedb3ced9d28b5c95c Loading...

	lite-1x86926289.top/static-promotion/1a7803d.modern.js	26 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/1a7803d.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 9ad1c5487eee619aae149de88ada9702 bb3663d6544b5d0c0baba7293f3f1aa96a44722c 6d9f5943ca2323e3d1b9c82cdfee3f9e36cad45f9b6d18fdaa7b167190cf8b28 Loading...

	radar.cedexis.com/1593429750/radar.js	45 kB	2023-03-07	2023-11-16
Pretty URL radar.cedexis.com/1593429750/radar.js IP 45.54.49.5 ASN #63911 NetActuate, Inc Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:20 Last Seen2023-11-16 11:36:04 Times Seen2664 Hash f0bad4e1f4843352017e0dcec735975a 7708b6d1c3966fda619af0bfb64d5c14b85e5da9 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390 Loading...

	v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js	2.5 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash f56f0de8840f74fe835c3bb9a6a18315 60e39dd6543c169cf945e7bad94c5d61f8d0c216 71ff254e46a3c0166ad2ab31683292193415639ca6fc7f3cd5743e5c1177d2fc Loading...

	lite-1x86926289.top/static-promotion/e0372d4.modern.js	1.9 kB	2023-03-11	2023-03-11
Pretty URL lite-1x86926289.top/static-promotion/e0372d4.modern.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 45eda3f220619cedf60bbd44e4532c61 d3e3227593670607ad73d3228d8b933e8fce3242 18c81ab4d59508efca543991e344ae3a65efbe0f118a8ffed14225c5e20f0997 Loading...

	unknown	0 B	2023-03-07	2024-05-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-07 16:50:54 Times Seen37412007 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1	795 B	2023-03-08	2024-02-13
Pretty URL lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:10:50 Last Seen2024-02-13 14:23:26 Times Seen2399 Hash d142026b9af7316cb97a9331199c8cf2 4ffe70e80a10f689006b1e3a518019fdc077f2b2 519b6d15761517d0ecc72fb32c0e4c6479ed232c8cd01985a3bd963a26233a9f Loading...

	lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1	136 B	2023-03-07	2024-05-03
Pretty URL lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:09 Last Seen2024-05-03 04:24:08 Times Seen282 Hash 1d82394dbefeb520c846a4f8cd04f272 386231475cfc8d025bbf876b5968e2188e294d1f f550e68574bcfe2c9b2cbc83dedaa5eefecd539867e7eaafbbd4511b8d66ba03 Loading...

	v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js	2.7 MB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:52:06 Times Seen1 Hash aa084349bd442867dabf429f0a0ac05a aea9616f15bfc93e851340bb0d628d1a88ab3530 4731ced8e548fbe61bde6be333275658e8664e691907a68016eac62ad4dcde54 Loading...

	v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js	2.4 MB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:04 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 6887b5782bcc1088f009db031e36e54e b32aebaba438c3907cbe9636360744ef5679d9b1 4829e41bfaeed14a537d61f1e695fc13a85443c5094173bea28578aee3dd1a91 Loading...

	suphelper.com/widget/?build=1669130757429&lang=en-GB&langInited=true&opener=full	203 B	2023-03-07	2024-01-20
Pretty URL suphelper.com/widget/?build=1669130757429&lang=en-GB&langInited=true&opener=full IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:26:52 Last Seen2024-01-20 20:21:11 Times Seen1389 Hash c762ec1a23a59894a334b9bb9fb7fa41 8751a4d124eb7a0ac54097933749b73b7a0409c0 6fd4ec66c226d3bd937a8620622453b33ab935ae30c6bbcf6cc9d62f69804ecf Loading...

	suphelper.com/widget/api/i18n-source/en-GB.js?bn=1669130757429	11 kB	2023-03-07	2023-03-25
Pretty URL suphelper.com/widget/api/i18n-source/en-GB.js?bn=1669130757429 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 23:50:04 Last Seen2023-03-25 23:59:37 Times Seen9 Hash 6a9b24361d21ec5751af0bf2964d4fc6 bc058466f4b7e91d55996f239557466561efed62 5b493621ae5785f78b83a4ac33f8df4a055ed1621e2b9fa417f5942029975302 Loading...

	lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1	105 B	2023-03-07	2023-03-30
Pretty URL lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 IP 178.253.14.164 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:47 Last Seen2023-03-30 00:01:20 Times Seen3 Hash 72517e2646cbdee8bf334c9399465c9f 001b80a7f54d6e082ccdfad8a500481b950fe805 3fa7a35f54cd29d6c0b355222a5b0cd7233f22e951b3d14b5303e9e734887628 Loading...

	v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js	285 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 62da4e391a5e0341c05246372bb11f4e ba989a118c3dc97a1904714d87cfe177552fceeb 90e726c7774f6cb177da8864e18ca913e9ac3d4a1af933d4095b53ab4b32d2e5 Loading...

	www.googletagmanager.com/gtag/js?id=UA-178408567-1	115 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=UA-178408567-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 283364192a14675fdd5d23bff57fbd74 592851dc3d2d0bfe071ffbc06483f363bc6b4bfb 7abc41c9c037764927ccb5ab6417ca7d3283988a3fd9f3ced04eb85ab9689647 Loading...

	v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js	56 kB	2023-03-11	2023-03-11
Pretty URL v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js IP 8.247.218.250 ASN #3356 LEVEL3 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 21:32:03 Last Seen2023-03-11 21:52:06 Times Seen1 Hash 861d768f7b88fcd26a5599804ffd42e1 afed4e0cd320efca3e2ceb2e87a1de42bf21f8e6 1e6e32cdda14669883679861a3991ac07bce520eb5d81533d3d887d7fcd7fa22 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 68410548dc45ff82647b754554945c59	5.1 kB	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 21:44:25 Last Seen2023-03-11 21:44:25 Times Seen1 Hash 68410548dc45ff82647b754554945c59 262bd4aaea3052dad69b0fb98752a3ac74830b28 6450f646354403d3c05a07f7a4d73160ca861a00afa51a4b40da2f89d792fed0 Loading...

HTTP Transactions (112)

URL IP Response Size

lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1

178.253.14.164

301 Moved Permanently

162 B

URL HTTP/1.1
lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP
178.253.14.164:0
ASN
#0

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 28 Nov 2022 04:10:38 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10062
Expires: Mon, 28 Nov 2022 06:58:20 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4706
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:38 GMT
Last-Modified: Mon, 28 Nov 2022 02:52:12 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8761
Expires: Mon, 28 Nov 2022 06:36:39 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 03:19:31 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3067
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RrbG4zuI/0TOuLG1vzNy2bzEWnCGludbbKpGAnqQwsiyhzhQnIAPlu/s4PWImC2LqvlrUAjtDnk=
x-amz-request-id: 7C73XB1FR51QSSFV
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 03:44:53 GMT
age: 1545
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
b42002337f07dfcb0f18ba3c65c307ec
a9ff67aad0dd206a816e8d4a5cf4939c6785f01b
f7e2680f00eab605df14d421305322dd4f79f2e5910fc55d8f8d700e6830829d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F7E2680F00EAB605DF14D421305322DD4F79F2E5910FC55D8F8D700E6830829D"
Last-Modified: Sun, 27 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10617
Expires: Mon, 28 Nov 2022 07:07:35 GMT
Date: Mon, 28 Nov 2022 04:10:38 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:38 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 03:11:12 GMT
cache-control: public,max-age=3600
age: 3566
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4287
Cache-Control: max-age=108460
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:18:19 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.10

200 OK

2.2 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
2.2 kB (2160 bytes)
Hash
eb929cb635515b60adc09bd0570df0ef
045ba79e263c623d799c48e6c65d6a981b4f64cb
d837f8675302f107945e88f7b564d8e2f453bb544f040eb9e47b3f67de9df345

HTTP Headers

GET /css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 04:10:39 GMT
date: Mon, 28 Nov 2022 04:10:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x86926289.top/static-promotion/2547d7e.modern.js

178.253.14.164

200 OK

4.5 kB

URL HTTP/2
lite-1x86926289.top/static-promotion/2547d7e.modern.js
IP
178.253.14.164:0
ASN
#0

File type
ASCII text, with very long lines (8450), with no line terminators
Size
4.5 kB (4504 bytes)
Hash
be48c9d2aed2aae123785bee4d5d1809
93bcd602282d864208fc7c75d657d4e08ed0ed1a
8f112ba0b4284d636916b5c004efce1da374a925d466fa08f227db3717d11213

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/2547d7e.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 4504
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-1198"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/static-promotion/43014a8.modern.js

178.253.14.164

200 OK

80 kB

URL HTTP/2
lite-1x86926289.top/static-promotion/43014a8.modern.js
IP
178.253.14.164:0
ASN
#0

File type
ASCII text, with very long lines (65485)
Size
80 kB (80493 bytes)
Hash
f2ff4b220c7fb76b7f0dbee278b1bd5a
11a444a7dd2255ae88dd5e9fa65dfda1d63ecc2c
5798ce52fb6419d27e804d9df7cb4b6ce15128aac862b21f09420d93666fe34f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/43014a8.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 80493
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-13a6d"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/static-promotion/2c17dbf.modern.js

178.253.14.164

200 OK

100 kB

URL HTTP/2
lite-1x86926289.top/static-promotion/2c17dbf.modern.js
IP
178.253.14.164:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (65405)
Size
100 kB (99499 bytes)
Hash
63655f20282fe8dd39aef2624ce8559e
bd5514f692ac64b0ba95b53cbbe020810d5ec990
01c074c719613a4c27967fd1b370739a8733888095d17dbef92f228afde17f5a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/2c17dbf.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 99499
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-184ab"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/static-promotion/009bd2a.modern.js

178.253.14.164

200 OK

130 kB

URL HTTP/2
lite-1x86926289.top/static-promotion/009bd2a.modern.js
IP
178.253.14.164:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (64918), with no line terminators
Size
130 kB (130403 bytes)
Hash
7cf7f0ac4b4abc102965d67df2737bb1
95a9abc66a6f1a33536dc5f1ba67313709a77157
758296e9a905844be4f36874ac505187ef20242969e9ed213359e2b19d4baaae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/009bd2a.modern.js HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 130403
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
vary: Accept-Encoding
etag: "63821ab2-1fd63"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:39 GMT
cache-control: max-age=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.167.231.108

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.167.231.108:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3P/E6gMuJ4cNLbv+2nuLaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: NI3nxVSLzwB862F8c9Kv9zwKwJM=

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1a19b512-OSL

v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js

8.247.218.250

200 OK

533 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/265bc171.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
533 kB (533300 bytes)
Hash
fee06e1b75894be84a0f889b7e45c87f
3b814d62efaad007a466f5124dd6a6b2f5b10b1b
dc0b5efbb99d403aa349da823f17b903e8e4b9cd6db002a3930c2838870a762a

HTTP Headers

GET /_nuxt/desktop/default/265bc171.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 533300
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-82334"
expires: Mon, 28 Nov 2022 08:44:57 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 69943
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6f22b392.css

8.247.218.250

200 OK

217 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/6f22b392.css
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (408), with no line terminators
Size
217 B (217 bytes)
Hash
2919a82ca1101572edf5510b83ab9804
6a276686d4a07a24347e3287f74824d17c200856
6fa9791ee17a6e3546381e4df7a59fc62b17fd0eec052a61e88d60c18ad85f08

HTTP Headers

GET /_nuxt/desktop/default/css/6f22b392.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 217
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-d9"
expires: Mon, 28 Nov 2022 08:32:17 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70702
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg

8.247.218.250

200 OK

698 B

URL HTTP/2
v3.traincdn.com/genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Size
698 B (698 bytes)
Hash
baf96800254904a05eee2ff49c94a801
847efb3449a8d7857f004192310aa2164a71d530
0ba137aa5f655e712ac40a592f366d1bd3b53b0a6b71c2cff4e7e0090f440335

HTTP Headers

GET /genfiles/cms/pg/285/images/e2e1a81329ec0acf4e446b6fc70e4cf1.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=120, s-maxage=600
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Mon, 28 Nov 2022 04:08:40 GMT
last-modified: Thu, 13 Jan 2022 14:28:56 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 240
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/8c439d72.css

8.247.218.250

200 OK

49 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/8c439d72.css
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
49 kB (48550 bytes)
Hash
3e873710ef49cd86bb7fcad31400b810
2ad2afd41cd45cdb28412fb3f06f03ad9f156e59
a0131225a6e64e48ad62e143cf6c8a41cf6f05f05ec9b03185cd311c2805bb13

HTTP Headers

GET /_nuxt/desktop/default/css/8c439d72.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 48550
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-bda6"
expires: Mon, 28 Nov 2022 08:28:59 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70901
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js

8.247.218.250

200 OK

660 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/95bde23c.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65479)
Size
660 kB (660314 bytes)
Hash
d566542baef88a2f9a51f5a8186de5bb
1465b129e62ace12856c835cc4a8f3676b82b7ea
0eb01ed460f954cc5474f04258d8c6c36256ea06cb47365159cd8a57ef1a6741

HTTP Headers

GET /_nuxt/desktop/default/95bde23c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 660314
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-a135a"
expires: Mon, 28 Nov 2022 09:23:27 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js

8.247.218.250

200 OK

1.8 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/12df164d.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (4622), with no line terminators
Size
1.8 kB (1823 bytes)
Hash
0c087d2b530f536f7ef18543abe42152
97fdcb15aeba8ad5983c7cd587fcd942be0b2995
6d53ca0fea85d37f8dea0683e55101d435b51eae4edbf7f103153988c9fcd374

HTTP Headers

GET /_nuxt/desktop/default/12df164d.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 1823
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-71f"
expires: Mon, 28 Nov 2022 12:15:29 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57310
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1b520b06-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1d35b523-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d19440b3d-OSL

v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js

8.247.218.250

200 OK

93 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/d4b35b6a.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
Algol 68 source text\012- Pascal source, Unicode text, UTF-8 text, with very long lines (65466)
Size
93 kB (93447 bytes)
Hash
b28624baf16e9233cc758e307d9f6ca2
cbef4dfe30c4af52b64bfde1cb4b2b6b02895a20
b853cdd13e13b38861c0ba12f2d54a4437c83ea9e480060f432c8413583f82eb

HTTP Headers

GET /_nuxt/desktop/default/d4b35b6a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 93447
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-16d07"
expires: Mon, 28 Nov 2022 09:23:27 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
921c0c6b30dd06fbaaeb97ce0a867b4b
aa5fcd224b345e4f59c9b45f362d8ca630d3804e
71370ee9578ec44382dd1ee2bfd8c46f5051787a529722e8ad09bce38b425545

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 04:10:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 15:03:06 GMT
Expires: Sun, 04 Dec 2022 15:03:05 GMT
Etag: "aa5fcd224b345e4f59c9b45f362d8ca630d3804e"
Cache-Control: max-age=556945,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7710414d1ed9b509-OSL

v3.traincdn.com/_nuxt/desktop/default/css/4859ddb3.css

8.247.218.250

200 OK

84 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/4859ddb3.css
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (65536), with no line terminators
Size
84 kB (84417 bytes)
Hash
8221793c110e14a0e1cfbb52f1ef36db
7aafe0364ba395958f922f8fc6cb88729da341e5
99615c2de27fc399156c626254c3a4d94d2c2a9179ee4c157fe1ed14b19fe301

HTTP Headers

GET /_nuxt/desktop/default/css/4859ddb3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/css
content-length: 84417
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-149c1"
expires: Mon, 28 Nov 2022 09:23:30 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js

8.247.218.250

200 OK

6.6 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/02b93193.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (17080), with no line terminators
Size
6.6 kB (6567 bytes)
Hash
dac3acea98b75cc5eee2c7746964cf02
74be6789f1989c1f2ffbc3ec80cd622a30d59ab6
420906a7db3c30c4f655d450163812c104e37243a5204afb5a61c2c6b87e0a9a

HTTP Headers

GET /_nuxt/desktop/default/02b93193.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 6567
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-19a7"
expires: Mon, 28 Nov 2022 09:23:30 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67632
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

8.247.218.250

200 OK

44 B

URL HTTP/2
v3.traincdn.com/version.json
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text
Size
44 B (44 bytes)
Hash
72331dc68cc4aec9403a486e263714fd
d8821982075adaadce50f07910d58bcce40c5129
462dcdf9735f2c52810899a254158e8a16310f4fbef49b89599897fc7cdc155d

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "63832023-2c"
expires: Mon, 28 Nov 2022 04:10:42 GMT
last-modified: Sun, 27 Nov 2022 08:30:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 376591
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
cd0a5be4865b85e858cfcaafa90f8dca
122569d314b0900b1f5e5f58cdad0d9fc16b7e1b
624aa7cc70d5c36d732f15cdeb8de3854f30240cb770108dd88103f13393428d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Size
16 kB (15920 bytes)
Hash
3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 396187
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.195

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 379010
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x86926289.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png

178.253.14.164

200 OK

352 B

URL HTTP/2
lite-1x86926289.top/genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Size
352 B (352 bytes)
Hash
7dff72d4146e35a8262e6845d13a8df0
a291af970d3955b35c314e85712ceea3aca25d54
a467e6a3d8e443bbbade9f04324268de101625412c1135b4cec0864a55101a78

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/pg/default/images/c6805d21f8fccbfc75df5c556571fc74.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: image/png
content-length: 352
last-modified: Wed, 10 Aug 2022 11:26:08 GMT
x-rgw-object-type: Normal
etag: "7dff72d4146e35a8262e6845d13a8df0"
x-amz-storage-class: STANDARD
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8bb181e3f5ca898c6e31a8efc2e28291
eda3a91f8e2cbc5467da08ad85e6f6a30702b66c
0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0"
Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3511
Expires: Mon, 28 Nov 2022 05:09:11 GMT
Date: Mon, 28 Nov 2022 04:10:40 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10813 bytes)
Hash
005e5ba3c9588cf389a58195001b64e3
238a7439d887fb3aa7f1302eeb43fce62f08441a
d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: pyXmSrIJ5ookfmhWY2xPXv374JfY2fFkcgiz5q8iFpWV4Rm0f0zXtg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 22776
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6498 bytes)
Hash
1bb306213437ea24ab879adc9e3b6da4
771d38e18cdfa54052f7cb150b73c03154eb4368
d4cce7533fd59ef11fb8fec4bc114d5be0bacaa9134e3f1536e0d6bac1f58ffb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74165307-11fe-455f-9c90-106d24a6495f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6498
x-amzn-requestid: 2499eb0e-74c9-4c04-ba58-3e65fc452c34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHU4oAMFaAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-12f14e7a30bc1a75499cb272;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: m5GSRli35fewn4l-k0jyFEcru1VKJlDYddCrLEpp5YiQwaLXsXsQDw==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:23 GMT
age: 22097
etag: "771d38e18cdfa54052f7cb150b73c03154eb4368"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8771 bytes)
Hash
b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:20:34 GMT
age: 21006
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5652 bytes)
Hash
d407d1a700a02f6422a0415be9648354
e9a69711e04e8028f11082285a405bafc61c5b20
dfc27a9aea46df1e218ee485296392c5a6c03756e91487f37212c69d4b30a418

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F887b04ff-c782-4045-b122-5f0fda800771.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: 24915481-2902-4776-b489-7741957424f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMozvEfioAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb4a-7846a98a5fb3d0786cb84130;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -DsRBfO-yxwm29z7mDDNkK69aQb_fpEzVY0vuVUWZrx6-aubx7a3YA==
via: 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 07:39:44 GMT
age: 73856
etag: "e9a69711e04e8028f11082285a405bafc61c5b20"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.3 kB (6263 bytes)
Hash
b24e349e9d22fb30fbc80497b512cead
c033d1ecdb9e7640f3df044e39053bed8292fcbc
2d77e3c39c60a3563613b1ba97ec0b1a256f41ad09936ba49b23d8cf22f8a7a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd6c93814-fbc2-4f60-a417-7cb6ff99a2ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6263
x-amzn-requestid: 5c3da401-eb9e-4904-a7e9-5e74648b8b77
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KFfWoAMF99A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3110d65625e883502a5078a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: EpU6HS6f0BpRceJVfwhBhOgKMTMvdMZj4ST9DMATiqfA10pNplyPtQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:51:04 GMT
age: 22776
etag: "c033d1ecdb9e7640f3df044e39053bed8292fcbc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.4 kB (9430 bytes)
Hash
1f434933b5bd6377d299ada22d1ae7ef
075531f525e625b117b2497f31139c9824d0e9c5
b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9430
x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR7wyGCIIAMFhgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ibLuLI6j9EWh0dgk51O7kiPBRyURZ0UdNtlgbBD-SXnDg_GT_tJm8Q==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:01:16 GMT
age: 22164
etag: "075531f525e625b117b2497f31139c9824d0e9c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lite-1x86926289.top/_nuxt/desktop/default/css/6f22b392.css

178.253.14.164

200 OK

217 B

URL HTTP/2
lite-1x86926289.top/_nuxt/desktop/default/css/6f22b392.css
IP
178.253.14.164:0
ASN
#0

File type
ASCII text, with very long lines (408), with no line terminators
Size
217 B (217 bytes)
Hash
7daedfd2e5d51a6d32dad0ebc8670b9b
8188bcb32337c1db47695dd3fd1df0ad2710ce91
bb735f470af34179f2b18d7c55ea895ce7e5595a64f67e98fcbd169176b33745

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/desktop/default/css/6f22b392.css HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: text/css
content-length: 217
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
vary: Accept-Encoding
etag: "63831f02-d9"
content-encoding: gzip
expires: Mon, 28 Nov 2022 05:10:40 GMT
cache-control: max-age=3600
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328

178.253.14.164

200 OK

145 B

URL HTTP/2
lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1669608640328 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/pwa

178.253.14.164

200 OK

15 B

URL HTTP/2
lite-1x86926289.top/pwa
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
15 B (15 bytes)
Hash
0e4766fd1b2ba2e236fd9364587f99ab
eb98dec7af065d80a1a3ddb99cb3e3c0919aa852
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pwa HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json; charset=utf-8
content-length: 15
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
server-timing: dt_285;dur=2
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js

8.247.218.250

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/abf3835a.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (2510), with no line terminators
Size
1.1 kB (1083 bytes)
Hash
776645d2326a07da88bdde59af23c88d
34c041c3ab883d227b2e4d6a7563a2d231ad8a8f
232ed4d24c5fdb317230eee2ec2a46986002e6972a86a2ba757d8b6b5645a3a1

HTTP Headers

GET /_nuxt/desktop/default/abf3835a.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 1083
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-43b"
expires: Mon, 28 Nov 2022 12:12:44 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-178408567-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-178408567-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1921)
Size
45 kB (44713 bytes)
Hash
b78f4533b0315655ab14bfd6972ae7a6
331175020299838620f6d091c79ab0c8c0a44377
5f548e14ba75b3253cf5751d87b6e5928d01ad4f16fb834f3dbc76122f9c0bfc

HTTP Headers

GET /gtag/js?id=UA-178408567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 28 Nov 2022 04:10:41 GMT
expires: Mon, 28 Nov 2022 04:10:41 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x86926289.top/version.json?timestamp=1669608640522

178.253.14.164

200 OK

44 B

URL HTTP/2
lite-1x86926289.top/version.json?timestamp=1669608640522
IP
178.253.14.164:0
ASN
#0

File type
ASCII text
Size
44 B (44 bytes)
Hash
72331dc68cc4aec9403a486e263714fd
d8821982075adaadce50f07910d58bcce40c5129
462dcdf9735f2c52810899a254158e8a16310f4fbef49b89599897fc7cdc155d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /version.json?timestamp=1669608640522 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
content-length: 44
last-modified: Sun, 27 Nov 2022 08:30:27 GMT
vary: Accept-Encoding
etag: "63832023-2c"
content-encoding: gzip
expires: Mon, 28 Nov 2022 04:11:41 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c81653e99cfdfb43236c8d50248b2e51
a33bc0cb7d3bb714b7ef23b059bb304cf23d464f
e75fa0ce568755990d6949ef93e3e5c29213a5a11887f697af901f41b14e0274

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

radar.cedexis.com/1593429750/radar.js

45.54.49.5

200 OK

19 kB

URL HTTP/1.1
radar.cedexis.com/1593429750/radar.js
IP
45.54.49.5:0
ASN
#63911 NetActuate, Inc

File type
ASCII text, with very long lines (1782)
Size
19 kB (18746 bytes)
Hash
2acb3c3179b2646943d1a8f5166743cc
56aa31a4027fec3dd8cc78114c6b0f3604716c14
0ac8b27ab0fd5f6440f4fc51e98694a417ae1402a3ca4feb224643327c079595

HTTP Headers

GET /1593429750/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Mon, 28 Nov 2022 04:10:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 29 Jun 2020 11:30:33 GMT
Vary: Accept-Encoding
ETag: W/"5ef9d0d9-af5c"
Expires: Mon, 12 Dec 2022 04:10:41 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

lite-1x86926289.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg

178.253.14.164

200 OK

41 kB

URL HTTP/2
lite-1x86926289.top/_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg
IP
178.253.14.164:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size
41 kB (40683 bytes)
Hash
99a829e8a772aad078540e0f077c1e40
d15d0e736b9082445b64a64dc45dd3000c7912e0
993175bba9fe17eedf7edb260e2da91fd9244e7e1302b192de5c0bd500d4331c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/svg-sprites/common-698f8a6f34d490918d634efec2d8f268.svg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
etag: W/"63831f02-196ca"
expires: Mon, 28 Nov 2022 23:43:51 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css

8.247.218.250

200 OK

454 B

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/c2b74bc7.css
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (1429), with no line terminators
Size
454 B (454 bytes)
Hash
38ab8312925719bbf27c9f9ce1acf908
e1bad84acb2e6396a4e55fdbd8e58727ccdb444f
f79ed2de7ff2155a501cad024d7a47fd85996f9403cefc8088300718fdbf090d

HTTP Headers

GET /_nuxt/desktop/default/css/c2b74bc7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "6381d6d7-1c6"
expires: Mon, 28 Nov 2022 08:29:07 GMT
last-modified: Sat, 26 Nov 2022 09:05:27 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 70896
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg

178.253.14.164

200 OK

9.2 kB

URL HTTP/2
lite-1x86926289.top/_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg
IP
178.253.14.164:0
ASN
#0

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (18547), with no line terminators
Size
9.2 kB (9192 bytes)
Hash
468ccec3e070064da1408049cdf082c6
a861f24b3d29e0538a16bfe67cc4dd36ade06bcd
ce501973dba779bc899663dfbdfa7d8cff2cc958e70b86573dc55c909b44d84e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /_nuxt/svg-sprites/qatar-fce482452f0624ce31de0cfe3caf302b.svg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sun, 27 Nov 2022 08:22:21 GMT
etag: W/"63831e3d-4873"
expires: Mon, 28 Nov 2022 16:58:25 GMT
cache-control: max-age=86400
access-control-allow-origin: *
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js

8.247.218.250

200 OK

17 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/e7ea6c61.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (41008), with NEL line terminators
Size
17 kB (16803 bytes)
Hash
646526cb77d985135898799955da04a3
0c6f345e1cce13c2084204b9eec16bb2ee3ba509
8b3d80e4982430d135192cd8aa7f18c0c81c48b77c2d9f05ffd8551dc7b57b84

HTTP Headers

GET /_nuxt/desktop/default/e7ea6c61.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 16803
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-41a3"
expires: Mon, 28 Nov 2022 12:12:45 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js

8.247.218.250

200 OK

3.9 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/96e6ff21.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (17802), with no line terminators
Size
3.9 kB (3905 bytes)
Hash
e3f81cc800c5cd212c1cbea67575fdbc
eadc125cf0dbf93bfe7d7d99bdc647097e40bb1d
a9eb7f8b3282694637a51cfe126761a5117af65357532d46d67851ee661024f1

HTTP Headers

GET /_nuxt/desktop/default/96e6ff21.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 3905
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-f41"
expires: Mon, 28 Nov 2022 12:12:45 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 57477
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

216.58.207.195

200 OK

9.6 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Size
9.6 kB (9628 bytes)
Hash
d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 06:19:49 GMT
expires: Fri, 24 Nov 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 337852
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js

8.247.218.250

200 OK

1.1 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/f0cdb63c.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (2451), with no line terminators
Size
1.1 kB (1061 bytes)
Hash
b3891985de1832945a87c1ab8db6c71e
527836872393c1e10db39fdcde5925dc99948085
9ca8d26c24145db4e4d847140ccf7117a41a6a10030c5116aa46a2ab1aaf031f

HTTP Headers

GET /_nuxt/desktop/default/f0cdb63c.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 1061
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-425"
expires: Mon, 28 Nov 2022 09:23:49 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67613
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/domain-api/api/v1/domains/lite-1x86926289.top

178.253.14.164

200 OK

86 B

URL HTTP/2
lite-1x86926289.top/domain-api/api/v1/domains/lite-1x86926289.top
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
86 B (86 bytes)
Hash
6cfdac3a8d33b2508c9406e2ab1f3b5c
e3ac8dd93bdb3e0740eaaf7c20ce1ed4832bd8ed
af551b631c9a3990820bad4fee5ddc2e7ce66907c2e798347b77ba2a4935f02a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /domain-api/api/v1/domains/lite-1x86926289.top HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/vnd.api+json
content-length: 86
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js

8.247.218.250

200 OK

5.4 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/390ec237.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
ASCII text, with very long lines (13517), with no line terminators
Size
5.4 kB (5378 bytes)
Hash
8cae159105c530eae2abc3d0e2886fe5
41e5028961e12aa601e5e84bc348dbdcdf4bdd27
31c64d32adf4c1368837e40aa2d54874ef3550c38b9fce5b5a16715c678432c8

HTTP Headers

GET /_nuxt/desktop/default/390ec237.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 5378
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-1502"
expires: Mon, 28 Nov 2022 09:24:10 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67597
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/b0ff0115.modern.js

8.247.218.250

200 OK

26 kB

URL HTTP/2
v3.traincdn.com/_nuxt/desktop/default/b0ff0115.modern.js
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
26 kB (26112 bytes)
Hash
b37cdeceb55e4e0c1d5f1c3dcffd5ae5
f999b330840129d7f4cc1db45d310c3b0c30fd36
7d58c82cf8be3c37bbbf3d0117a8ff201afef6718ebd52771e5787f45c224d85

HTTP Headers

GET /_nuxt/desktop/default/b0ff0115.modern.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 26112
cache-control: max-age=86400
content-encoding: gzip
etag: "63831f02-6600"
expires: Mon, 28 Nov 2022 09:23:44 GMT
last-modified: Sun, 27 Nov 2022 08:25:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 67622
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us

178.253.14.164

200 OK

38 B

URL HTTP/2
lite-1x86926289.top/frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
38 B (38 bytes)
Hash
7e5f0649cceedb563f3037fcd2dc2629
e274dd8ff75b14d8b7d2d86cea5b8bc415de58ac
cc2d7c3416bb5bbb515f151fbf694edbc44b497fca10f87b61fb31ab0b43a548

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /frontend-api/seo/seoText?url=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&language=us HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json; charset=utf-8
content-length: 38
access-control-allow-origin: *
etag: W/"26-4nTdj/dbFNi30ths6luLxBXeWKw"
server-timing: requestTime; dur=39.248805999999995; desc="req_t", renderTime; dur=39.255395; desc="rend_t", total; dur=39.765367999999995; desc="Total Response Time"
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/checker/redirect/stat/run/

178.253.14.164

200 OK

49 B

URL HTTP/2
lite-1x86926289.top/checker/redirect/stat/run/
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
49 B (49 bytes)
Hash
b7a9075de81cdb1a9fa74fa71b5126dd
9d651f649e1c5eab95d3b0ca7cc9b02dec41df61
86877f86c7d18d59e54d73c43e6709a91a7f0a6a86980cada7f4b7e69c13cf20

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json; charset=utf-8
content-length: 49
cache-control: private
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/getColorTheme

178.253.14.164

200 OK

15 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/getColorTheme
IP
178.253.14.164:0
ASN
#0

File type
data
Size
15 kB (15156 bytes)
Hash
830072e159519c1f86ce31609df94ac7
7f6a06990d5eaafc19b8b48e54fb96a92d943405
6148a52552e442e034f5a5f5c46d8019ef6a6189d059d3d057decb93401e6895

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=46, dt_285;dur=754
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png

8.247.218.250

200 OK

8.1 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 243 x 144, 8-bit colormap, non-interlaced\012- data
Size
8.1 kB (8120 bytes)
Hash
d2998762f0b00c9d1bcd90c28f0a5731
95553e4eff474b6a05ad4a6e00826ba4ab9b2c4e
09050bbfb49f160886714942b619eb95dbd92f2f6862f38aa685538f420591b8

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/can-2019-en.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 8120
cache-control: public, max-age=120, s-maxage=600
etag: "d2998762f0b00c9d1bcd90c28f0a5731"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/getFirstDepositBonus

178.253.14.164

200 OK

19 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
IP
178.253.14.164:0
ASN
#0

File type
data
Size
19 kB (18799 bytes)
Hash
612bd9c1a38a890da47e0b23d57fbb45
807d9d32328d729a4c7530e375a869aebd3b560c
99d98bf916fb9cdd1532c9633c35832b9e7eb05e9038753db22c241dadebcb95

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=45, dt_285;dur=47
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/getFirstDepositBonus

178.253.14.164

200 OK

34 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/getFirstDepositBonus
IP
178.253.14.164:0
ASN
#0

File type
data
Size
34 kB (33452 bytes)
Hash
2d8bee35fdd3accdd126b80e12535494
07c7519f24a522d41763db3e7a013f8f02ada641
4e6ff2efd96a93be1f681964e1abfa153d3ef31203fe3fd0ae94894a94a5ec4f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getFirstDepositBonus HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=49, dt_285;dur=54
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png

8.247.218.250

200 OK

168 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 4455 x 2151, 8-bit/color RGBA, non-interlaced\012- data
Size
168 kB (168437 bytes)
Hash
514efcaa096bc870bbb55a0910327b9c
05f80f59b5eeb2e4cf409fc4b9d96ddec64b3e6f
a541dec3a5acfa154ce5716014bb463c6be72db6bf5ffb88dde95929e9670942

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/K23_2020_lightmode.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 168437
cache-control: public, max-age=120, s-maxage=600
etag: "514efcaa096bc870bbb55a0910327b9c"
expires: Mon, 28 Nov 2022 04:11:56 GMT
last-modified: Wed, 01 Jun 2022 12:17:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 66
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png

8.247.218.250

200 OK

119 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-losc.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 2052 x 1962, 8-bit/color RGBA, non-interlaced\012- data
Size
119 kB (119254 bytes)
Hash
0b72a6591ead9e9b95a118b411b9556a
6d43538a7c2167e9046d418e0707dba8f361fd1c
012b4965e861f6073a0496f55677715279f5799468c9aa4c3d92bdbbc5e0b67b

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-losc.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 119254
cache-control: public, max-age=120, s-maxage=600
etag: "0b72a6591ead9e9b95a118b411b9556a"
expires: Mon, 28 Nov 2022 04:07:50 GMT
last-modified: Fri, 09 Sep 2022 14:12:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 292
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png

8.247.218.250

200 OK

4.8 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 300 x 333, 8-bit colormap, non-interlaced\012- data
Size
4.8 kB (4787 bytes)
Hash
a5890bc0bcaec72aa20c8aff34d9b780
5838db8aa1e45633a318302673e01b096f6a94d9
5b67017abd98aa5a6fe3c86aa2f74ef39ac53a6067aa4d9515f413813bd16857

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/tundra_esports_white_300.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 4787
cache-control: public, max-age=120, s-maxage=600
etag: "a5890bc0bcaec72aa20c8aff34d9b780"
expires: Mon, 28 Nov 2022 04:07:28 GMT
last-modified: Fri, 28 Oct 2022 09:52:52 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 313
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png

8.247.218.250

200 OK

9.9 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 834 x 434, 8-bit/color RGBA, non-interlaced\012- data
Size
9.9 kB (9904 bytes)
Hash
c14d0b72d2885c8ae4975e64ddb29a6f
3c31e0bb67f15daada51baf892c89ef0cd061146
657992cd544e48630d90afc0b957014f0ac4fad15789c7c18a937d5b71231967

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/mibr_white-logo.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 9904
cache-control: public, max-age=120, s-maxage=600
etag: "c14d0b72d2885c8ae4975e64ddb29a6f"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Thu, 04 Aug 2022 17:36:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png

8.247.218.250

200 OK

7.4 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 169 x 183, 8-bit colormap, non-interlaced\012- data
Size
7.4 kB (7420 bytes)
Hash
8ea23d2a7c2e152564a43453425b3301
f6e61dbb4b90ab17f23130d79af095a1267b01c3
e193b50c6e3a1657a7c7e1100b941a43c90eeda8f9d56763318ac624eeba2cbd

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/logo-fcb.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 7420
cache-control: public, max-age=120, s-maxage=600
etag: "8ea23d2a7c2e152564a43453425b3301"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Fri, 06 Nov 2020 12:55:12 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png

8.247.218.250

200 OK

149 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 2187 x 3222, 8-bit/color RGBA, non-interlaced\012- data
Size
149 kB (149244 bytes)
Hash
ab837a9cb89291146ad8b371c052fe8d
bf89d8ec4fa8ac43004ceb74bd49199aa3436ca2
14a017c6bf332ef819755c66546f9847b291c056239bc0289d92063fcd17648b

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/og_red_bull.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 149244
cache-control: public, max-age=120, s-maxage=600
etag: "ab837a9cb89291146ad8b371c052fe8d"
expires: Mon, 28 Nov 2022 04:04:51 GMT
last-modified: Wed, 25 May 2022 11:38:09 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 511
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/169.svg

8.247.218.250

200 OK

72 kB

URL HTTP/2
v3.traincdn.com/sfiles/games-images/ico-logo/white/desk/169.svg
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (34355)
Size
72 kB (72004 bytes)
Hash
652a248846360cfc753157ac135e3833
546906b1e3df5ce7a3adefd3fcc937e20be9c3d2
10ccd9e4e374dbd44ba53c31bc581f964075da48cb728a07256e13839d8cc5b5

HTTP Headers

GET /sfiles/games-images/ico-logo/white/desk/169.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/svg+xml
content-length: 72004
cache-control: max-age=86400
content-encoding: gzip
etag: W/"f6505dc3eba72dc86dd6f5d3ad3783e6"
expires: Mon, 28 Nov 2022 14:21:34 GMT
last-modified: Wed, 16 Nov 2022 15:19:41 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-meta-origin-date-iso8601: 2022-11-16T14:16:25.000Z
age: 49763
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png

8.247.218.250

200 OK

15 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 387 x 230, 8-bit colormap, non-interlaced\012- data
Size
15 kB (14740 bytes)
Hash
70e5105d03a74cc00cd9a0386fde303e
ffcd4fbcd486825d0d31e41cada108335b012d81
baabca03d9695b9475d7d0b4d736fbb093d21f2c03228a7704097e2bfb8e583a

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/caf-confederation-en.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 14740
cache-control: public, max-age=120, s-maxage=600
etag: "70e5105d03a74cc00cd9a0386fde303e"
expires: Mon, 28 Nov 2022 04:07:50 GMT
last-modified: Fri, 07 May 2021 11:29:03 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 292
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png

8.247.218.250

200 OK

169 kB

URL HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png
IP
8.247.218.250:0
ASN
#3356 LEVEL3

File type
PNG image data, 4000 x 4000, 8-bit/color RGBA, non-interlaced\012- data
Size
169 kB (169025 bytes)
Hash
ba6cf2e79cb532a105c8f34b1efbcb26
f05ff0a3895400ac928ac1cce6153f657e6f6d8f
8e3e826321588ba9cca7ed55a8c23ee2e64e007775a40f9f8878340b2788864e

HTTP Headers

GET /genfiles/cms/1-285/desktop/footer/logos/team_spirit_black.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: image/png
content-length: 169025
cache-control: public, max-age=120, s-maxage=600
etag: "ba6cf2e79cb532a105c8f34b1efbcb26"
expires: Mon, 28 Nov 2022 04:12:41 GMT
last-modified: Wed, 01 Jun 2022 12:16:40 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 329
accept-ranges: bytes
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Mon, 28 Nov 2022 02:41:08 GMT
expires: Mon, 28 Nov 2022 04:41:08 GMT
cache-control: public, max-age=7200
age: 5373
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411

178.253.14.164

200 OK

145 B

URL HTTP/2
lite-1x86926289.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with no line terminators
Size
145 B (145 bytes)
Hash
55385fdddab661013ad8f678cd75ac88
bd36ac4197e34b4d5022498bc319e6f51dff2329
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1669608641411 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
content-length: 145
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
x-rgw-object-type: Normal
etag: "55385fdddab661013ad8f678cd75ac88"
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/api/internal/v1/proof_of_age

178.253.14.164

204 No Content

0 B

URL HTTP/2
lite-1x86926289.top/web-api/api/internal/v1/proof_of_age
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/internal/v1/proof_of_age HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/vnd.api+json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
cache-control: no-cache, private
server-timing: p;dur=43, dt_285;dur=49
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
770555aa8a0a52c611bafb289ca8a650
62504cadc49747f328e3c31ad3aa7a740043072c
6317c8530220392b1339be640b8c1181c468ff8e3f3d1d5692b39cb32404216f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254

142.251.1.155

200 OK

1 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254
IP
142.251.1.155:0
ASN
#15169 GOOGLE

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=1591737896.1669608642&jid=1054944097&gjid=2087871467&_gid=1173194502.1669608642&_u=aGBAAUACQAAAACAAI~&z=239718254 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://lite-1x86926289.top
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 28 Nov 2022 04:10:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
fb9963af5b3c525d68d5c87f0da8025b
c8d1f50313dddb0cea04745d762dac01718a026f
231ef2bc126d4f0cf0910147608f65ec32ee15f3cfdb6981f5fae66f33cfc519

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

lite-1x86926289.top/web-api/external-api/config/all

178.253.14.164

200 OK

8.8 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/config/all
IP
178.253.14.164:0
ASN
#0

File type
Unicode text, UTF-8 text, with very long lines (36947), with no line terminators
Size
8.8 kB (8806 bytes)
Hash
8c9e4c803af0b981a9b533799249f761
f05803b4229b42683ff78a11fe0643a7ba8c5cb1
286596edfdd1e8b2d15b22735245cca1347eb2da7780cbd96b43857ce55a4b49

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=62, dt_285;dur=65
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=1766993980&cid=1591737896.1669608642&ul=en-us&sr=1280x1024&_s=1&sid=1669608641&sct=1&seg=0&dl=https%3A%2F%2Flite-1x86926289.top%2Fus%2Flanding-page%2Flanding_first_deposit_bet26_p45_ar1&dt=1XBET.COM%20Bookmaker.%20High%20Odds.%2024-Hour%20Customer%20Service&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://lite-1x86926289.top
date: Mon, 28 Nov 2022 04:10:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json

178.253.14.164

200 OK

492 B

URL HTTP/2
lite-1x86926289.top/genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (492), with no line terminators
Size
492 B (492 bytes)
Hash
39b2956fc0ad88842ccc08dce259606a
22169406f6747850a35eb0e03f883064074cd0a2
d921e7d4b9d5dc184dacf399f6d8d84b86f33fa3ff41368bbc3c469c22743cf8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/web-app-v2/dictionary2/v3_landings/us/dictionary_519eda9366ff81209b4c2c6cd0857c85.json HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json; charset=utf-8
content-length: 492
last-modified: Sun, 27 Nov 2022 10:06:15 GMT
x-rgw-object-type: Normal
etag: "39b2956fc0ad88842ccc08dce259606a"
cache-control: max-age=31536000
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/config/getLangs

178.253.14.164

200 OK

2.4 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/config/getLangs
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (6941), with no line terminators
Size
2.4 kB (2394 bytes)
Hash
3734c256a68a0986eb72f600faa1de18
a39539031421edff7ce47cba9707f5d959e8d97a
11c75e73c4957208d6fd7bfc6bca0ec14c97ae3411063610af1dc8bdff50ae6a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getLangs HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=20, dt_285;dur=22
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
804c3c01e04e197bd1d791fe74b88dd5
0f698d6b7287661d5d5592e8c1ecbe005c45e145
4fb61747af6f8a35c3ff7ffd36fcf8c6b687ac74cfd2f42c45a1a64e4c382b45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1277
Cache-Control: max-age=111915
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:43 GMT
Etag: "638341f1-116"
Expires: Tue, 29 Nov 2022 11:15:58 GMT
Last-Modified: Sun, 27 Nov 2022 10:54:41 GMT
Server: ECS (amb/6B93)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
804c3c01e04e197bd1d791fe74b88dd5
0f698d6b7287661d5d5592e8c1ecbe005c45e145
4fb61747af6f8a35c3ff7ffd36fcf8c6b687ac74cfd2f42c45a1a64e4c382b45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1277
Cache-Control: max-age=111915
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 04:10:43 GMT
Etag: "638341f1-116"
Expires: Tue, 29 Nov 2022 11:15:58 GMT
Last-Modified: Sun, 27 Nov 2022 10:54:41 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 278

lite-1x86926289.top/web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1

178.253.14.164

200 OK

5.8 kB

URL HTTP/2
lite-1x86926289.top/web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- , ASCII text, with very long lines (27258), with no line terminators
Size
5.8 kB (5808 bytes)
Hash
8a988e9ce0773da4faead0e7f0df1086
f6a7817c48d0b08d6d08162d167c460bd6c57cb4
c7764f229c76a326626c0030ab22239c88a63ae328dc3c4378db13d900ad641a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/v3/landings/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=153, dt_285;dur=154
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/getColorTheme

178.253.14.164

200 OK

5.1 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/getColorTheme
IP
178.253.14.164:0
ASN
#0

File type
data
Size
5.1 kB (5132 bytes)
Hash
12c4276ee498dd51f940fc1f9adf1785
fbc6c394ec893049766c5d6f0fc1fbdd38387af6
e4cf8c2044cfc59a7601eb936fb9d216e9840f70f679da3e03628d01ba4163fa

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/getColorTheme HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=35, dt_285;dur=37
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg

178.253.14.164

200 OK

213 kB

URL HTTP/2
lite-1x86926289.top/genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg
IP
178.253.14.164:0
ASN
#0

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 1920x960, components 3\012- data
Size
213 kB (213335 bytes)
Hash
5bc5c598ad0496b414449329bd96c894
e4ef3956711d1f70af92264218d3644211a656d1
0e5b7015215ce7efeeaf7265679087cc7255747764d6d66d0ad21d2a05d93a92

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/landings/1/background/75d5201f86cd721062ca3cece8cccef2.jpg HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/jpg
content-length: 213335
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "5bc5c598ad0496b414449329bd96c894"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png

178.253.14.164

200 OK

1.6 kB

URL HTTP/2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 68 x 73, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1631 bytes)
Hash
2f002d83a39c0006f16d56c0299716ed
43e07f06140060cdfe0a3e6fcb89d7c6bbb7b5d3
7bd8249d406a4619ad5be8b919ba4a5072300ddf0dc3f3b1632d4d9664b0e341

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/landings/1/promo_block/a5585c7d10920cdd1359f362a3e17af3.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 1631
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "2f002d83a39c0006f16d56c0299716ed"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png

178.253.14.164

200 OK

2.3 kB

URL HTTP/2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 65 x 65, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2320 bytes)
Hash
1af84ad0257f8dd762719dc38067f600
9007c4e66ec90171179a4d32810047f9103f7fc8
00a3719f93f2e7a32e9c44d0bba2177c10f39164bc616c84145951723b2bf8e3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/landings/1/promo_block/04494d922ba6a61f11e879cd153436b4.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 2320
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "1af84ad0257f8dd762719dc38067f600"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png

178.253.14.164

200 OK

3.7 kB

URL HTTP/2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 69 x 76, 8-bit colormap, non-interlaced\012- data
Size
3.7 kB (3728 bytes)
Hash
b12826d25ed15e1d17a187b9c15960fe
cb181377448ab5925dd549ccb7ed570f92dfe69f
57b4ed9dfcb5bb2787b1bc71bc6c7795e15ac52c9cc811f70046797b4ae63c4f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/landings/1/promo_block/5543e4485225f5aa96ce55f167d574da.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 3728
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "b12826d25ed15e1d17a187b9c15960fe"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png

178.253.14.164

200 OK

2.8 kB

URL HTTP/2
lite-1x86926289.top/genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 77 x 80, 8-bit colormap, non-interlaced\012- data
Size
2.8 kB (2809 bytes)
Hash
64bd2abaa6fb6fbe0a195955f684de79
192d8248e7c81840401e3e1567049c45bd34dba7
5a5ed431d157bbe2d84d51dc795605b10d4b8920bb754e815d36c14a54f000ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /genfiles/cms/landings/1/promo_block/5b89caa14a3131e0db3d9d97b684bf1b.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 2809
last-modified: Thu, 30 Jul 2020 08:35:25 GMT
x-rgw-object-type: Normal
etag: "64bd2abaa6fb6fbe0a195955f684de79"
access-control-allow-origin: *
cache-control: public,max-age=120,s-maxage=600
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137

178.253.14.164

200 OK

46 kB

URL HTTP/2
lite-1x86926289.top/web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137
IP
178.253.14.164:0
ASN
#0

File type
data
Size
46 kB (46190 bytes)
Hash
55fb5e87d8db13bd6fdd603a15621e32
4bbc484504a1b0cf96dc287938a7e11606937041
7f0cc8fc4b8ccc1d9b1f8c6682606040a33863ad854f784b69f0fd376c8310b6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/external-api/games/banner?whence=55&ref=1&gr=285&lng=us&fCountry=137 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=96, dt_285;dur=98
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/static-promotion/img/info_one_2.0953b4a.png

178.253.14.164

200 OK

84 kB

URL HTTP/2
lite-1x86926289.top/static-promotion/img/info_one_2.0953b4a.png
IP
178.253.14.164:0
ASN
#0

File type
PNG image data, 725 x 645, 8-bit/color RGBA, non-interlaced\012- data
Size
84 kB (84546 bytes)
Hash
ae2439f89e885326af7b19a25a88abc2
02a368a0c0c7a66870d40dd6321209b93c38f745
12583aa385542195dc44716d31f39c4f5fb95577584c30e398366edc7d137bfe

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static-promotion/img/info_one_2.0953b4a.png HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: image/png
content-length: 84546
last-modified: Sat, 26 Nov 2022 13:54:58 GMT
etag: "63821ab2-14a42"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

lite-1x86926289.top/translation-api/by-lang/us

178.253.14.164

200 OK

71 kB

URL HTTP/2
lite-1x86926289.top/translation-api/by-lang/us
IP
178.253.14.164:0
ASN
#0

File type
JSON data\012- data
Size
71 kB (71046 bytes)
Hash
6fff7912821e3415f7deee8404a20ae1
67f284e057865f7f1e1a58d3f2f5606050d34b43
ca21235c0a8cb97495d3de6bc0ededc7b12788aa93ab9c5ce7e058a8c753bc90

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /translation-api/by-lang/us HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:42 GMT
content-type: application/vnd.api+json
cache-control: no-cache, private
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization
access-control-max-age: 1728000
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.3 kB (4254 bytes)
Hash
300ba2bd11eefb4b5b9ba5b9d56c6cca
55c9d2899b16945f329d0dacc021161038629988
a866abff0b6b5c6ed6758f1208f106d8f00c7f16fa07f2a676301cce8301e964

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e33decf-55e5-425f-bb8d-5e1ca290e633.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4254
x-amzn-requestid: 9c63d2a1-e805-4114-8875-fc1dc022c047
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IwHopoAMFq0g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-395ca7b76b364c11172fbdd6;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: tFKbj-Jui_NW_73l_-W1Ja9sHqNKCSA3P8O3IZR38idkSAACjsnIMw==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:49 GMT
etag: "55c9d2899b16945f329d0dacc021161038629988"
content-type: image/jpeg
age: 22438
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1

178.253.14.164

200 OK

0 B

URL HTTP/2
lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/html; charset=utf-8
accept-ranges: none
content-encoding: gzip
server-timing: total;dur=495;desc="Nuxt Server Time", dt_285;dur=502
set-cookie: platform_type=desktop; Path=/; Expires=Thu, 01 Dec 2022 04:10:38 GMT
SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; Path=/; HttpOnly; Secure; SameSite=Lax
lng=us; Path=/
auid=sv0OpGOENL+Xqoj4BDXLAg==; expires=Tue, 28-Nov-23 04:10:39 GMT; path=/
vary: User-Agent, Accept-Encoding
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/api/converslon/load

178.253.14.164

200 OK

0 B

URL HTTP/2
lite-1x86926289.top/web-api/api/converslon/load
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /web-api/api/converslon/load HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Is-srv: false
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=31
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/external-api/config/all

178.253.14.164

200 OK

0 B

URL HTTP/2
lite-1x86926289.top/web-api/external-api/config/all
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/external-api/config/all HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Requested-With: XMLHttpRequest
Origin: https://lite-1x86926289.top
Connection: keep-alive
Referer: https://lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:40 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=70, dt_285;dur=73
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1

178.253.14.164

200 OK

0 B

URL HTTP/2
lite-1x86926289.top/promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /promo-frame/us/landing-page/landing_first_deposit_bet26_p45_ar1 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:39 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
etag: "130d-ufE1HZAKlvtuN9B7jrneLvpL/Z8"
server-timing: dt_285;dur=3
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

lite-1x86926289.top/web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03

178.253.14.164

200 OK

0 B

URL HTTP/2
lite-1x86926289.top/web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03
IP
178.253.14.164:0
ASN
#0

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

POST /web-api/g/859f637437984de335c1d3bc07b1957bed4cdf03 HTTP/1.1
Host: lite-1x86926289.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lite-1x86926289.top/us/landing-page/landing_first_deposit_bet26_p45_ar1
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Origin: https://lite-1x86926289.top
Content-Length: 31240
Connection: keep-alive
Cookie: platform_type=desktop; SESSION=a2ff5d06b3c9e33cd127d6d361b222a4; lng=us; auid=sv0OpGOENL+Xqoj4BDXLAg==; window_width=1280; che_g=74d78da5-fed6-bd71-fb82-5b9f032a4a6d; tzo=0; _ga=GA1.1.1591737896.1669608642; _gid=GA1.2.1173194502.1669608642; _ga_5671CMJ6T4=GS1.1.1669608641.1.0.1669608641.0.0.0; _ga_7JGWL9SV66=GS1.1.1669608641.1.0.1669608641.0.0.0; _gat_gtag_UA_178408567_1=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 04:10:43 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: gzip
server-timing: p;dur=28, dt_285;dur=30
vary: Accept-Encoding
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (35)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations