1xlite-497172.top/_nuxt/check-ob.js
274 B URL 1xlite-497172.top/_nuxt/check-ob.js
IP
ASN #202492 Silverhill Group Holding Ltd
File type ASCII text, with very long lines (341)
Hash 51c38d7f8ad860f8b5bc7010ea8fdb7e
d8800c25a96238ea8eb8a087b9285b7ebf617a01
9dc59b4e91c1aada81294c54029320042844fe6f142eb8ad393b97227db7f531
GET /_nuxt/check-ob.js HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 274
last-modified: Fri, 08 Dec 2023 11:38:13 GMT
vary: Accept-Encoding
etag: "65730025-112"
content-encoding: gzip
expires: Sat, 09 Dec 2023 14:35:52 GMT
cache-control: max-age=86400
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/polyfills.js
0 B URL 1xlite-497172.top/polyfills.js
IP
ASN #202492 Silverhill Group Holding Ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /polyfills.js HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2
1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
200 OK 224 kB URL User Request GET HTTP/2 1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
IP
ASN #202492 Silverhill Group Holding Ltd
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (6237)
Size 224 kB (223699 bytes)
Hash 56c9b0e7f35c4d1329881c9be5921daf
f93de32ee09f014cdeb5b6a1398c3469c2ee9ea8
aa85133f7a276f1df8b49ade7e6549bc8ac022fe94a7e0ac57330c761a39122c
GET /ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:44 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=1146;desc="Nuxt Server Time", dt_total;dur=1149.008, wf-uht;dur=1.165
set-cookie: platform_type=desktop; Path=/; Expires=Tue, 12 Dec 2023 02:30:43 GMT
lng=ru; Path=/
cookies_agree_type=3; Path=/
tzo=1; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Wed, 07 Feb 2024 02:30:43 GMT
reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; Path=/; Expires=Sat, 09 Dec 2023 03:30:43 GMT
postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; Path=/; Expires=Mon, 08 Jan 2024 02:30:43 GMT
auid=sv0YVWVz0VQP+MTSAxY0Ag==; path=/; secure; httponly; samesite=lax
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 1.149
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/73af44fe.css
6.7 kB URL v3.traincdn.com/_nuxt/desktop/default/css/73af44fe.css
IP
File type ASCII text, with very long lines (50143), with no line terminators
Hash 97ad5f3395dc18081c427a18acafc85f
d001a8e441dc9f3d9f5e08797a5ae01209f58d90
eb12a2680ad273a1dd028a19c9d266cab98e20582327e19fd44a84e599088b3d
GET /_nuxt/desktop/default/css/73af44fe.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 6660
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-1a04"
expires: Sat, 09 Dec 2023 08:17:55 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65570
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-04447f35.js
10 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-04447f35.js
IP
File type HTML document, Unicode text, UTF-8 text, with very long lines (34519), with no line terminators
Hash b4959ecabe75947032a15eea93c43cbd
185b79b0228e4d9e33d796c00c57245d02514069
2c4382d192a8ed2dcd01c010396f659e15d7bd1b96d6edc0873bf97c80ac2af2
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-04447f35.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 10084
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-2764"
expires: Sat, 09 Dec 2023 08:40:39 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64233
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-b0e74100.js
45 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-b0e74100.js
IP
File type Unicode text, UTF-8 text, with very long lines (65384), with no line terminators
Hash 7073b13a5855f0a36f48cb849aefc2a5
a234f6673af25961e4c17fe0ea48731562d5f720
a5d0130a0b4e97ccd557d541b160870b23434218fd61d6ea04a5eed7b0a7cb26
GET /_nuxt/desktop/default/Page.Betting.Main-b0e74100.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 45337
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-b119"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47022
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-174cb6f6.js
200 OK 5.8 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-174cb6f6.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (23537), with no line terminators
Hash 28c5cf88688f0ba526237f0bff930b31
60b8efd70122a9e971e6d4a1a5af58ce64eefc9f
3011336a20f1ec50f943c0766d49794301ff433baa25fe5c71ad2a26b17a43d2
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-174cb6f6.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 5781
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-1695"
expires: Sat, 09 Dec 2023 13:27:09 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47021
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2fc62149.css
1.5 kB URL v3.traincdn.com/_nuxt/desktop/default/css/2fc62149.css
IP
File type ASCII text, with very long lines (7649), with no line terminators
Hash 83bbcaa18914b98d714d6a8cc04c07a1
3c4c8e70af66cb2dec8dea84d3ecc6ec69eae24f
87b2457640c522d9711ae0b7059fdcbbd07141d9b2920e35d1c086e7abd13ad6
GET /_nuxt/desktop/default/css/2fc62149.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 1484
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5cc"
expires: Sat, 09 Dec 2023 13:30:56 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 46791
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/efdd4965.css
1.4 kB URL v3.traincdn.com/_nuxt/desktop/default/css/efdd4965.css
IP
File type ASCII text, with very long lines (8256), with no line terminators
Hash 4eb1498fd950356d53029bc9ff4c0aaf
ecf0c5abdfdfb029db3e34fefc08cf6f19ce05b3
c547881c54a0047fb55b3d216d1e2531271ec9a0873b5722871402d0a0cd07e3
GET /_nuxt/desktop/default/css/efdd4965.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 1433
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-599"
expires: Sat, 09 Dec 2023 08:17:55 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65570
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-9233adb1.js
200 OK 3.0 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-9233adb1.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (10438), with no line terminators
Hash 19b14880f130494aa50e3f623b5e2c89
ced772eb67ef57c143ebafd4b10dad427a2a93f8
5662d3fc033c578c456905ae0c4990cbdca83e5167b1d1e8621aaa3d10955e60
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.SportMenuApp-9233adb1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 2952
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-b88"
expires: Sat, 09 Dec 2023 08:40:35 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64213
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-1861d0c0.js
7.9 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-1861d0c0.js
IP
File type Unicode text, UTF-8 text, with very long lines (26255), with no line terminators
Hash e3e055b4f897b0168e4ca72a55d7fe61
08f8d1f9ca1c677f1e60ffcad1cd4156731e7e87
b2a24f3d18f95a6ad30ed0522e480ee43cd3d57a7f083be2b5db5cd1a182465a
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.NewCyber.CyberApp/Page.NewCybe/681b90be-1861d0c0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 7930
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-1efa"
expires: Sat, 09 Dec 2023 08:40:38 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64232
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-067e89cd.js
14 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-067e89cd.js
IP
File type Unicode text, UTF-8 text, with very long lines (58153), with no line terminators
Hash 2face2fe647900eae08472d351eadfad
fdee6257e6bebc06ba170f468d690dac61f72620
8a93c17c3aea38cd30b26f7497fb1559dc69d97b68429d3cf64c93ed1f77939b
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-067e89cd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 14523
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-38bb"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-a0b666df.js
200 OK 3.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-a0b666df.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (13860), with no line terminators
Hash 8413817544e53f599a99f4f36e6c84c3
02d3273bd97966c43149f5d0e5542d7ea47e2761
7fbe3955fb97d7f95e732713676782d0bffacd7de05b5fb127eb548a77c9686b
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.Cy/533e0c9c-a0b666df.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 3522
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-dc2"
expires: Sat, 09 Dec 2023 08:40:45 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64233
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/8edf10d9.css
200 OK 2.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/8edf10d9.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (19656), with no line terminators
Hash a2c2cf9380b3264c2bbdeab0f9a8710a
4a9ad30b15fc6e23594d1682be4ce6624ab223df
d2d7404d5f7ae0ab1809ae5008d12f7e86fffc178f98e679413e7e943bda2f03
GET /_nuxt/desktop/default/css/8edf10d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 2565
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-a05"
expires: Sat, 09 Dec 2023 11:45:42 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 53103
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-bd24a03d.js
200 OK 12 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-bd24a03d.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (46600), with no line terminators
Hash 2a83d9a34630c2e7dc84054562ec4895
d359e8e15a8b80ce061317560f4b468c34b3266b
f716c22cbaafa46875fb971dc98065b908ab16208c3f2718177cdd2887f6e6e2
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-bd24a03d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 12167
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-2f87"
expires: Sat, 09 Dec 2023 08:40:36 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64233
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/1288a20f.css
117 B URL v3.traincdn.com/_nuxt/desktop/default/css/1288a20f.css
IP
File type ASCII text, with no line terminators
Hash e18bd752b8aa19aba5a9c749f5baee2b
8fedec6ab7ced2012d0b84aeb3aa1a9aa89bc04c
c2377d42a8b47b8b1a1eaf99262a162774ce4c0c4f119fe1a1930b76aeedef3d
GET /_nuxt/desktop/default/css/1288a20f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 117
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-75"
expires: Sat, 09 Dec 2023 08:17:55 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65570
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.BettingLeftAside-b7e9368b.js
6.5 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.BettingLeftAside-b7e9368b.js
IP
File type Unicode text, UTF-8 text, with very long lines (20063), with no line terminators
Hash bd64dac03b770b54300343aa0a12f231
1f5ccd52dc24ea614a160b035875c8c6de2b486c
c966015069ec485d37a435c0880438ae1a7efc88fce6d4afa94d4fd14d0a77e3
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.BettingLeftAside-b7e9368b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 6490
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-195a"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/64a6de4e.css
204 B URL v3.traincdn.com/_nuxt/desktop/default/css/64a6de4e.css
IP
File type ASCII text, with very long lines (502), with no line terminators
Hash 1f02b8463ec288496d7b1ccc18c2cd9b
90633342134fc525352e60666e7ecd91d09c5d88
5e7585ad750a636350d96c16842be6fe71d50815a9ef401c5caed5e8d3ca1258
GET /_nuxt/desktop/default/css/64a6de4e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 204
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-cc"
expires: Sat, 09 Dec 2023 10:49:22 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56483
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-d9c779b0.js
645 B URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-d9c779b0.js
IP
File type ASCII text, with very long lines (1333), with no line terminators
Hash f08ec3fde2c0e53db199f407fc0c0dfc
69118a3a941401b904ed5c8d61106128b2bcdfbe
ebfc1c31703c80e2165ece3dc8c4a314b86a92070f5b974b81a7b7b6509dfe9b
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-d9c779b0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 645
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-285"
expires: Sat, 09 Dec 2023 13:27:08 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c1ae3820.css
200 OK 1.4 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/c1ae3820.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (7592), with no line terminators
Hash 80d822002048c569e488a7c9b0a208fe
084ba85491a073b694df75ed75d19ab16fd8f064
2add226414afb8170d04a6a4a7e9b6c0e4a4306af6b2a6cd7a12fcf9896b2f6e
GET /_nuxt/desktop/default/css/c1ae3820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 1426
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-592"
expires: Sat, 09 Dec 2023 11:45:46 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 53099
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
6.0 kB URL v3.traincdn.com/genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css
IP
File type ASCII text, with very long lines (31015), with no line terminators
Hash 18603de751dfbb9dfce223a223d2c88f
3adb85f70e82ea408280ae0a66ec45ccdc837a35
eb31793e8ff383332268ef81c07e4b26dfe63ee0873cd89e5c18313a6627b493
GET /genfiles/site-admin/colors/13f2420925687a194e4c38472ae71214.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 5963
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
etag: W/"18603de751dfbb9dfce223a223d2c88f"
expires: Sat, 09 Dec 2023 03:13:37 GMT
last-modified: Thu, 07 Dec 2023 07:53:20 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.002
age: 1028
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-5fd8caaa.js
200 OK 6.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-5fd8caaa.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (24249), with no line terminators
Hash fd3136a0093499dd3214fa498628308f
4b09ae8bafbad0fd629a15a4ba2c209f30c2b65b
1431edddb304cf953bdfa01c0a534bab9a9cf0e914dc0007cbda1118e2ef64e5
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-5fd8caaa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 6540
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-198c"
expires: Sat, 09 Dec 2023 13:27:48 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
200 OK 698 B URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1224), with no line terminators
Hash 7cca3986f7a5c4c164144ff11df71073
b22531fb1cb3ab6325986f299e0de1690a2a2724
2cb7283447d210aa27e07657e00beefe6731f9771a9445be4e44e96dfe88c232
GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: image/svg+xml
content-length: 698
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"7cca3986f7a5c4c164144ff11df71073"
expires: Sat, 09 Dec 2023 02:45:09 GMT
last-modified: Tue, 02 May 2023 10:06:49 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2738
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/e5275de8.css
19 kB URL v3.traincdn.com/_nuxt/desktop/default/css/e5275de8.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 67eba09cb9dcad51a8c229be9eab8887
91fbcccd8885287f0cd1c0cdcf0a18d55bd7e805
39edc58e666c88842a3526eccd1a52440618fb353c8240947144e18c27b86036
GET /_nuxt/desktop/default/css/e5275de8.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 19361
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-4ba1"
expires: Sat, 09 Dec 2023 08:17:55 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65570
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/app-5a1f5ac5.js
239 kB URL v3.traincdn.com/_nuxt/desktop/default/app-5a1f5ac5.js
IP
File type Unicode text, UTF-8 text, with very long lines (64816), with no line terminators
Size 239 kB (239420 bytes)
Hash 96b9b7c111c1450d4dff005d2112daab
14a286ab912224489865094c5527a7490e8d5ecb
0b26cc2d3b865d462d93e2103a350be5d22d43215ca86e11b6150f4923624eae
GET /_nuxt/desktop/default/app-5a1f5ac5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 239420
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-3a73c"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47020
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/runtime-3552dc47.js
16 kB URL v3.traincdn.com/_nuxt/desktop/default/runtime-3552dc47.js
IP
File type ASCII text, with very long lines (49871), with no line terminators
Hash 271c13ffe878e65bcae41ec3b6d9032e
cb72fa616943b04a7ef92db5e20523245a6db804
bc393bb418808c93f876550a25555d7d8ea5149a5a39d1d935badbe5de49afdd
GET /_nuxt/desktop/default/runtime-3552dc47.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 15798
cache-control: max-age=86400
content-encoding: gzip
etag: "6573342e-3db6"
expires: Sat, 09 Dec 2023 15:40:25 GMT
last-modified: Fri, 08 Dec 2023 15:20:14 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 39024
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/version.json
200 OK 44 B URL GET HTTP/2 v3.traincdn.com/version.json
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash 2a30c9a126bcf3abc36da84e0a035db6
b268409d06d7e0dc9b3f5044b8aa31af80f2871f
5c673f0f2cfe78bfee7080a0c830b735d1c194d2adadc4498a49ca531afcd2e1
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/json
content-length: 44
cache-control: max-age=60, s-maxage=60
content-encoding: gzip
etag: "65733552-2c"
expires: Sat, 09 Dec 2023 02:31:20 GMT
last-modified: Fri, 08 Dec 2023 15:25:06 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 26
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/12b6c10c.css
77 kB URL v3.traincdn.com/_nuxt/desktop/default/css/12b6c10c.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash de02a5477e2ab0b04b14cc2af357611a
c45bd6c16b34cc670e0f9951e756d6245c601de1
27b491fb87795a845b5d4c3c9ac770b57c453252c771e09547afd24811dfbe74
GET /_nuxt/desktop/default/css/12b6c10c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: text/css
content-length: 76571
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-12b1b"
expires: Sat, 09 Dec 2023 14:48:06 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 42159
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/app-5db3bd89.js
305 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-5db3bd89.js
IP
File type Unicode text, UTF-8 text, with very long lines (61101)
Size 305 kB (304801 bytes)
Hash a0b67025a791cfb3e8de73de8e30bda3
28cf9829b0709d595e08d8c61dcf680802a02367
9446b87ae1ef8b0d45fbdf1573576a9ed350c412d09b7062309b6f677242875d
GET /_nuxt/desktop/default/vendors/app-5db3bd89.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 304801
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-4a6a1"
expires: Sat, 09 Dec 2023 13:27:05 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47022
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
64 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0\012- data
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: font/woff2
content-length: 63748
cache-control: max-age=86400
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Sat, 09 Dec 2023 02:59:59 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 1846
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
65 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 64732, version 1.0\012- data
Hash 3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: font/woff2
content-length: 64732
cache-control: max-age=86400
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
expires: Sat, 09 Dec 2023 02:45:55 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.003
age: 2690
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
200 OK 64 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0\012- data
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: font/woff2
content-length: 63920
cache-control: max-age=86400
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Sat, 09 Dec 2023 02:53:49 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2216
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
200 OK 653 B URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Hash e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: image/png
content-length: 653
cache-control: public, max-age=86400
etag: "e6f0766cbd95db33da44e7a9140648f2"
expires: Sat, 09 Dec 2023 02:59:02 GMT
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 1908
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/85fdbd9b.css
204 B URL v3.traincdn.com/_nuxt/desktop/default/css/85fdbd9b.css
IP
File type ASCII text, with very long lines (502), with no line terminators
Hash 220ac0e19dd32e88325ee563113b9c9c
ee2d0a5aa83d252886854910aabfbdef084c0215
0ae54ce6f5b046155afe5ef48231953dbd80506a21049681f0274acb6f2d399e
GET /_nuxt/desktop/default/css/85fdbd9b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: text/css
content-length: 204
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-cc"
expires: Sat, 09 Dec 2023 11:00:53 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 55794
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-2f4a123e.js
200 OK 633 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-2f4a123e.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1235), with no line terminators
Hash d1264353d911f3441c5c20e797f95f09
1f6d68ea332dfc2d31a476bde5a9e11968031a29
7ae17c44314e5879d7afe4b3e6254274fb1d096caf74defafed570d3fd67fdd5
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-2f4a123e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 633
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-279"
expires: Sat, 09 Dec 2023 13:27:52 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47020
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-80733517.js
4.2 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-80733517.js
IP
File type ASCII text, with very long lines (14571), with no line terminators
Hash b6d71bea5e19346ac93a1e3a5aea916b
43479df56d18bc02ac824446854b2b42eee1b8d4
89a61ca2fa77d450470475fe5b25fa3c317f0153531f70415532f98316b9e327
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-80733517.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 4193
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-1061"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47021
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/3d329539.css
1.3 kB URL v3.traincdn.com/_nuxt/desktop/default/css/3d329539.css
IP
File type ASCII text, with very long lines (6725), with no line terminators
Hash 7f8e68bf0fdc054ef168fb59416dabef
a7cebaadf38844d6ed4160cb519ea7f29c0e2ee7
e42d7bd1934f5cd1aa052d6fc83a51c0631c8ce91e0e44b5d5f88ce43179bd07
GET /_nuxt/desktop/default/css/3d329539.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: text/css
content-length: 1293
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-50d"
expires: Sat, 09 Dec 2023 08:17:58 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65568
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-906888f0.js
200 OK 4.7 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-906888f0.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (17005), with no line terminators
Hash bc6aa45d477ef4112c368c4c06e95b8d
8e261c577e569a69763e9a5f7338117097433b4b
a3a2fc2a482e3022ca92938415a098591c67bd1f21da87922af4d8767d00f467
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-906888f0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 4747
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-128b"
expires: Sat, 09 Dec 2023 13:27:08 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/2c5f174e.css
4.8 kB URL v3.traincdn.com/_nuxt/desktop/default/css/2c5f174e.css
IP
File type ASCII text, with very long lines (38647), with no line terminators
Hash 7cad38815a915bdf9283d1a8fceb7813
e80b301a7e2046fafcc1279470292cd3e664b9b9
4808557c5d10e530d9d0e4f286bf2dc6bb5f6a2e8f7a51ed4e11d1bee0bb327c
GET /_nuxt/desktop/default/css/2c5f174e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: text/css
content-length: 4787
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-12b3"
expires: Sat, 09 Dec 2023 11:07:13 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 55415
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-60f62b7e.js
24 kB URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-60f62b7e.js
IP
File type Unicode text, UTF-8 text, with very long lines (65384), with no line terminators
Hash a6777543b02be4cf0db4f2a3d6494aca
341750022c3ace58de759b22c87fff03e727b39d
3de431c2b4b5f45891b4700ce88e7636181f0ac0304b8cd040fc68d2f0684d24
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-60f62b7e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 23825
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5d11"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47020
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-5abbb1ec.js
22 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-5abbb1ec.js
IP
File type ASCII text, with very long lines (65476)
Hash 3991a4cfcd72cc2be434e88a66e6b828
4ff686645d2780d52d98859438451203afddfb45
afb80f72266c1adf72a1bb7f28337a7a9e390a27b127f67143b2a21ae40287b3
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-5abbb1ec.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 21893
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5585"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-950fa249.js
200 OK 4.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-950fa249.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (12527), with no line terminators
Hash 011e696f3245793fed5618f29bf6b34c
88d4855851e94ab87f3a2aa910c93c67935eacc4
48f6d34f34af703b724a2ff006759c673e895ac0b6d6efb0f3f61288b296e4f1
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-950fa249.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-11cc"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/e1ad5afb.css
943 B URL v3.traincdn.com/_nuxt/desktop/default/css/e1ad5afb.css
IP
File type ASCII text, with very long lines (3303), with no line terminators
Hash cacc6d6ba45cf94ef4172d935ce1dc39
1ebd443b4446bb9d07e56deb39c88be4b67e0f16
dec9bcae0186bee94c16b3012dcc5379eb7ab98380875cedf2342baf66ba70e5
GET /_nuxt/desktop/default/css/e1ad5afb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: text/css
content-length: 943
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-3af"
expires: Sat, 09 Dec 2023 15:13:24 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 40642
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-3db4e2eb.js
200 OK 8.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-3db4e2eb.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type HTML document, ASCII text, with very long lines (26717), with no line terminators
Hash c878d796fb9fe23a144f19db05a166b6
0b13fa982ffb16580a720b1410db20324b555d0c
914ac6cb3c10a90f4bd3ea89a53d3a05149acf076f17b53f406cc7aef3093b79
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-3db4e2eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 8056
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-1f78"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json
200 OK 668 B URL GET HTTP/2 1xlite-497172.top/genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text
Hash b7b882bc87bd49ec0b19e15d62050091
7dd2f9242613b1d6453f8ea25f61f3c036c1c10a
ea3b4c0c004ddc47d397140cb405c5934682606f1e0faeecf9308bfa30cf924e
GET /genfiles/cms/1-285/desktop/media_asset/29ff8e35693b23d6fca06a6514cb28df.json HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: application/json
content-length: 668
last-modified: Tue, 23 May 2023 10:24:59 GMT
etag: "b7b882bc87bd49ec0b19e15d62050091"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/common.svg
66 kB URL v3.traincdn.com/sys-icons/1.0.212/285/common.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 90c7817a0f115a66c82d3de99fe2b9e0
c03233f6b060374d7fd84d3322cb6e914130f403
061e799e92ae86438a645f5c9b725ed698b929811a56b557838c1192a73100a6
GET /sys-icons/1.0.212/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: image/svg+xml
content-length: 65973
cache-control: max-age=86400
content-encoding: gzip
etag: W/"90c7817a0f115a66c82d3de99fe2b9e0"
expires: Sat, 09 Dec 2023 11:07:18 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 55408
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/sports.svg
158 kB URL v3.traincdn.com/sys-icons/1.0.212/285/sports.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Size 158 kB (158176 bytes)
Hash 2bc6784b2bc8f53d0472c0a790cab177
3e76b506e50cba99c1bcb844d305b97b96451c9b
800cee086c8bc64dfab46092bcdc003e9a7822b44861e2753d86aa6b697516ae
GET /sys-icons/1.0.212/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: image/svg+xml
content-length: 158176
cache-control: max-age=86400
content-encoding: gzip
etag: W/"2bc6784b2bc8f53d0472c0a790cab177"
expires: Sat, 09 Dec 2023 11:07:12 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 55414
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/country.svg
200 OK 62 kB URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.212/285/country.svg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 392c1bb51f69d1b06c15dd9083e78d47
4752ad2289bee900a23cc0afe3e7782eef087e0d
a5ce266ff578729cecad90142ca1ea186f168e0ca3ef2acaf6f46140f565aa2a
GET /sys-icons/1.0.212/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:46 GMT
content-type: image/svg+xml
content-length: 61771
cache-control: max-age=86400
content-encoding: gzip
etag: W/"392c1bb51f69d1b06c15dd9083e78d47"
expires: Sat, 09 Dec 2023 11:07:12 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 55414
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DC-eb876f02.js
200 OK 999 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DC-eb876f02.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (2336), with no line terminators
Hash 9f97d34bba5da067220637120e1df419
e4daff4dcfc839062745f08b17f4561b695e3d20
14e1c76028567474e4ea77ed146b76acdb2f4d9f820b100b52a683dfa57e9ec8
GET /_nuxt/desktop/default/DC-eb876f02.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-3e7"
expires: Sat, 09 Dec 2023 13:27:18 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Betting.Core-c2433c40.js
1.5 kB URL v3.traincdn.com/_nuxt/desktop/default/Betting.Core-c2433c40.js
IP
File type ASCII text, with very long lines (2376), with no line terminators
Hash fd749019f9d64d22f9d9f9c3150df473
20e813847dd28ba50ea39f6dce7b5dc47ba620d2
399d578f583ff01f91e4cd6a1c3ee817652068e46a1d91c737838c01d4ea872d
GET /_nuxt/desktop/default/Betting.Core-c2433c40.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1534
cache-control: max-age=86400
content-encoding: gzip
etag: "6573342e-5fe"
expires: Sat, 09 Dec 2023 15:40:26 GMT
last-modified: Fri, 08 Dec 2023 15:20:14 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 39023
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-f7627348.js
1.4 kB URL v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-f7627348.js
IP
File type ASCII text, with very long lines (3621), with no line terminators
Hash 5320788612dc135542110765ae86072f
b628ff692895b9e547d8339f0c927c8c51f139ae
2ad2dafaee0c9eb30c0f4ab5ff5fb81db0442aa2e1cd57489b9a877dec69c3fe
GET /_nuxt/desktop/default/consultant.supHelperV2-f7627348.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1445
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5a5"
expires: Sat, 09 Dec 2023 13:27:51 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/version.json?timestamp=1702089053802
200 OK 44 B URL GET HTTP/2 1xlite-497172.top/version.json?timestamp=1702089053802
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
Hash 2a30c9a126bcf3abc36da84e0a035db6
b268409d06d7e0dc9b3f5044b8aa31af80f2871f
5c673f0f2cfe78bfee7080a0c830b735d1c194d2adadc4498a49ca531afcd2e1
GET /version.json?timestamp=1702089053802 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
content-length: 44
last-modified: Fri, 08 Dec 2023 15:25:06 GMT
vary: Accept-Encoding
etag: "65733552-2c"
content-encoding: gzip
expires: Sat, 09 Dec 2023 02:31:47 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-497172.top%2Fru&projectId=285
72 B URL 1xlite-497172.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-497172.top%2Fru&projectId=285
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 2cbc145b099d1dee719c026f951da9b9
3598152670a45ef1a7cd28ba18d3c4a5ea1aed4c
49a0bdc20fefd4d0ad24228a690129a88fcaedb423f59162dd917f63e1eb71bb
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-497172.top%2Fru&projectId=285 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
content-length: 72
cache-control: max-age=1200, must-revalidate, public
x-request-id: d74ee1b04333e037a89a3c372e570dbc
x-request-guid: 9f88b4ca3835ec0e7fd1b3e6fb65de47
x-content-digest: ence9703551e00917684b735143455d1e7
age: 1095
x-time-ng: 0.003, 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=15.798091888428, wf-uht;dur=0.012
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.20-e59b8646.js
200 OK 1.3 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.20-e59b8646.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (3072), with no line terminators
Hash 0d472590505cea4a80459816a5d8515e
bc2a81695d5d6b4d0feaf8e5e82b96985d67beb9
07b80b1934197b069845e14633a4a1a9fa34bb32b3107fdab5e8dd534aeef2b3
GET /_nuxt/desktop/default/ioc.dependencies.20-e59b8646.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-529"
expires: Sat, 09 Dec 2023 08:40:46 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64212
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-a6bcb3b3.js
7.2 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-a6bcb3b3.js
IP
File type Unicode text, UTF-8 text, with very long lines (31359), with no line terminators
Hash 94fc3e556bb40a1c7177d6587b297d1b
bd907871e1d00d52945b745497a23dd7743ccdce
da617482fb30c4bb4257f6f3bba99d4693f3a9dd6bc36534c23beff5cec68782
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/611af4ca-a6bcb3b3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 7171
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-1c03"
expires: Sat, 09 Dec 2023 08:40:46 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64211
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/e5af0352.css
3.0 kB URL v3.traincdn.com/_nuxt/desktop/default/css/e5af0352.css
IP
File type ASCII text, with very long lines (22795), with no line terminators
Hash 7fc626ffd9d7a9db103b51e7639fe21d
c182ab6a5d5cf7011a0428d41d545345d65909fa
026ea31737b4e552294f13ca5d077e5d56a292923ffb2b3f500e35d412cb101c
GET /_nuxt/desktop/default/css/e5af0352.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: text/css
content-length: 2992
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-bb0"
expires: Sat, 09 Dec 2023 13:19:13 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47527
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-07ead707.js
28 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-07ead707.js
IP
File type Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Hash 83d5d42a066d30c3e4e9117c0848ab6b
ddd2c0d1e1de33ddf84eda1627c4c0d5c67b2a16
0455c7ca990384f05813888bbe29dfc69af05c8444af9a6c1994586e60ff2216
GET /_nuxt/desktop/default/betting.SportMenuApp-07ead707.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 27698
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-6c32"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/62e57421.css
200 OK 1.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/62e57421.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (8645), with no line terminators
Hash 7eafb18464c23e0f6556cb55e89055d2
30f9a1f7316ac95bd2cfeb0c183f93e07baf5804
8da8938a2200b65e48830c41e047533d1a495171c6972e9e7c8ece613e6760b7
GET /_nuxt/desktop/default/css/62e57421.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: text/css
content-length: 1577
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-629"
expires: Sat, 09 Dec 2023 13:48:39 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 45728
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-ebb7a2ec.js
200 OK 4.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-ebb7a2ec.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (13185), with no line terminators
Hash 582858c9cf993e7fc0c275493b0f699f
d40380013ed6886edb3941047c6fa28175aba3be
d3c93a001a682640e507e80667d5e4a31d0ffe77eac0e987d61b353a3680c645
GET /_nuxt/desktop/default/betting.HomeSliderComponent-ebb7a2ec.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 4137
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-1029"
expires: Sat, 09 Dec 2023 13:27:10 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/477d96d0.css
200 OK 1.3 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/477d96d0.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6194), with no line terminators
Hash 3f9e6993b145ca622f3ea850eacb7245
b0d5cc9ca0e7e512679b3b0a74761155d47334dd
084f6cab75890aeb803e5d1df6a7721eba618b86e99604ef412c8fee328bc472
GET /_nuxt/desktop/default/css/477d96d0.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: text/css
content-length: 1270
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-4f6"
expires: Sat, 09 Dec 2023 08:23:19 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65248
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-47bb0ca2.js
200 OK 15 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-47bb0ca2.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (59157), with no line terminators
Hash 52524c3f82a60d07d2d77bde47acae14
1baeda6815f1daa27f5c03e65c81bf9d80213845
ca8bab80998e6fae00768d603bcade32687f55ca364937b7a9688aca27ff7d91
GET /_nuxt/desktop/default/betting.CentralMenuApp-47bb0ca2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 15062
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-3ad6"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/239b3a82.css
200 OK 454 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/239b3a82.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1429), with no line terminators
Hash b5c7b6dfc9433384f5f222d67a6f4270
85e5cfc0284129c4428d2f7de5731e568da070cf
83e6033ea9bffc7dee6c4414ea5febb81b7900a3a3ddef58530780861b754730
GET /_nuxt/desktop/default/css/239b3a82.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: text/css
content-length: 454
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-1c6"
expires: Sat, 09 Dec 2023 11:16:36 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 54854
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-7efe23f1.js
17 kB URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-7efe23f1.js
IP
File type Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators
Hash d829b0e8aac3a017b513f320a269fd8e
2be362874b433bf67faac0654aec1ff9ecb54c96
db06f6e1763a4dbd42233d44859c1198d0041097aa4f4772f588838be2c0ac5b
GET /_nuxt/desktop/default/vendors/betting.media-7efe23f1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 16832
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-41c0"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/a16991b5.css
200 OK 1.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/a16991b5.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (6955), with no line terminators
Hash cffc42698826b6dba0709d55d070c665
c96adc4c6e5c8c8011e3307daa52941ae89bf7cb
dcdd23b29663b53d947e09243e785dc36f5d5a9478d5ce640081660fea7ffa29
GET /_nuxt/desktop/default/css/a16991b5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: text/css
content-length: 1461
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5b5"
expires: Sat, 09 Dec 2023 13:31:43 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 46746
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
200 OK 286 B URL POST HTTP/2 1xlite-497172.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 838e4aea7c5ad530939f178e3d0031c8
b109b1587b3eba243e119e10d5413461dd1e08b6
3863d430d8e53d62ea4b8c59ec087be76d631127df7e45a5b9225af28ee47f40
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Content-Type: application/json
X-Lang: ru
X-Uuid: ebf4984d-7c96-4dc2-8049-01dac954acd0
Content-Length: 81
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
vary: Accept-Encoding
content-encoding: br
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.media-6f3a75a5.js
4.7 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.media-6f3a75a5.js
IP
File type ASCII text, with very long lines (16430), with no line terminators
Hash 4a3456bbbe98ce3a0c445d34465260d9
2c5bea8d77417ce2d24602b02411b734add9697d
3e16281585cad9465bce300a7fd93ff78823a39415e92105fe51778acb02f03d
GET /_nuxt/desktop/default/betting.media-6f3a75a5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/javascript; charset=utf-8
content-length: 4655
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-122f"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/session-api/sessions/user
16 B URL 1xlite-497172.top/session-api/sessions/user
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash 646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.194953918457, wf-uht;dur=0.010
X-Firefox-Spdy: h2
1xlite-497172.top/bff-api/event-logo/suitable.json?lang=ru
35 B URL 1xlite-497172.top/bff-api/event-logo/suitable.json?lang=ru
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash aac324d41195f32bfe54e54d93278c5f
fef4c6f9c7fcc2a1affe2f33dba6a12592d92bcd
701fbb0767c5e6a29fd1b14383e92eb68a20fa5d120d4f0badf5b9a1bb276547
GET /bff-api/event-logo/suitable.json?lang=ru HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
content-length: 35
cache-control: no-cache, private
server-timing: bff;dur=10.77, dt_total;dur=36.090, wf-uht;dur=0.050
x-dt: 285
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137
216 B URL 1xlite-497172.top/service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 80bbe9e1cb99823e96c147a7bae169c5
96eddaa0dcbaf541cdb807b33e0a8460afba7ed3
ed166d04b835d71d1e3486406d2b65eccfc8b82f3f56f3c2df1359b169c5cd13
GET /service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json; charset=utf-8
content-length: 216
cache-control: no-cache
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:47 GMT
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/52a94554.css
200 OK 1.1 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/52a94554.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (4319), with no line terminators
Hash a8ca6ad918662919832dfadf40101246
305ccd8daad4f79301ef418766f1aa6786cde6bc
bb8d0ffe4dbc2c0f2615e5aa182699dc27c845701a9fa311366b52610261384a
GET /_nuxt/desktop/default/css/52a94554.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: text/css
content-length: 1149
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-47d"
expires: Sat, 09 Dec 2023 13:31:40 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 46748
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-c0754d2d.js
200 OK 19 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-c0754d2d.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 1f53ea24eb43bedf47e99767ef3586d9
65392464d8973b93236ac35cccdcf2a9c2ddd451
2c188c8c6c316061e6e44fe90909f83080738a0f198536b4bae87dbc4543a482
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp/registration.Main/user.userRegistration-c0754d2d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 19278
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-4b4e"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/87ca12c6.css
551 B URL v3.traincdn.com/_nuxt/desktop/default/css/87ca12c6.css
IP
File type ASCII text, with very long lines (1864), with no line terminators
Hash 25e620c2a8c380d6a0ecece799921fdf
07e9e53816eac0b9ffeac96e469c855bc16b13ac
724b5597b1d57403e5e0415b41eeacaf8ca9ad93866b6a0c8ad2325552c4c0c8
GET /_nuxt/desktop/default/css/87ca12c6.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: text/css
content-length: 551
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-227"
expires: Sat, 09 Dec 2023 13:25:36 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47117
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/RegistrationWidgetApp-8ceab5bc.js
2.7 kB URL v3.traincdn.com/_nuxt/desktop/default/RegistrationWidgetApp-8ceab5bc.js
IP
File type ASCII text, with very long lines (7706), with no line terminators
Hash 0e35bf373bbcac03a721c1efc8178402
5cc6086d49dedde5da92e25598eedfd11da5e95e
5d3d10b1d9fe15131cf38a5c64e8c2dc572b9e6bac3fa456151b3137da2087ec
GET /_nuxt/desktop/default/RegistrationWidgetApp-8ceab5bc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 2673
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-a71"
expires: Sat, 09 Dec 2023 13:27:10 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-2ea03116.js
200 OK 24 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-2ea03116.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (65472)
Hash 80563caf16723e08f8b02b3a7ef18183
835e4e18087e872c1e01949bd189cc99d02c4f03
6427654a2c3d11ab22638f67d37dd2ddf2618a0aa0dc4384777fa20cd912c6c5
GET /_nuxt/desktop/default/vendors/betting.coupon2/vuedraggable-2ea03116.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 23572
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-5c14"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2-8ed76d2f.js
200 OK 9.2 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/betting.coupon2-8ed76d2f.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (34380), with no line terminators
Hash b4114a4fd2cce5048e2ca3b3607d734e
dee7402c01a4e0e3c84c73ee9152b6828bfc7dc5
05319b33e93f6c7c2ea322e9997c554f24f1268952192fa417e121d1d26c3489
GET /_nuxt/desktop/default/vendors/betting.coupon2-8ed76d2f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 9235
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-2413"
expires: Sat, 09 Dec 2023 13:27:35 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47019
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/d5261c57.css
2.7 kB URL v3.traincdn.com/_nuxt/desktop/default/css/d5261c57.css
IP
File type ASCII text, with very long lines (29028), with no line terminators
Hash 5c51d3ab40120cb3fa0dfd82e8637327
b98822a194e1cd5290ead5c932ff4dfc77d26026
16f5b21b2355c80bf23ea50b75bee5d482c3d326e191ee892b22541c8fc5d654
GET /_nuxt/desktop/default/css/d5261c57.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: text/css
content-length: 2650
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-a5a"
expires: Sat, 09 Dec 2023 10:37:20 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 57209
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/GetTopGamesStatZip?antisports=66
2.2 kB URL 1xlite-497172.top/service-api/LiveFeed/GetTopGamesStatZip?antisports=66
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6151), with no line terminators
Hash bb0e3354ab55b7218ecf1e031f4a45e7
7ddcb452d2682cbb1249fa040914aa8041b644f8
1b3f7ae4bee755e31dbf205874371749f708903534dabe093645555bb170701e
GET /service-api/LiveFeed/GetTopGamesStatZip?antisports=66 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/json; charset=utf-8
content-length: 2217
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:48 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-cfc40c1f.js
200 OK 6.3 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-cfc40c1f.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (21035), with no line terminators
Hash 3948cc260995c23c1ee115fbaf0f7c02
5e6855e2cfe7b44503c224b90de7ff9ebfb71355
c3df5645eaddcd4abc7b675ba42d3c979f4659e455b4abe460a44b44ed7eb98f
GET /_nuxt/desktop/default/betting.coupon2/modal.CouponsSellModal-cfc40c1f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 6297
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-1899"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/277e301d.css
6.8 kB URL v3.traincdn.com/_nuxt/desktop/default/css/277e301d.css
IP
File type ASCII text, with very long lines (52136), with no line terminators
Hash 33c8d0916d9a03eb2d3709897573435e
e67ef92b180e2cbafbe92de7ca96312db9efdf97
c9da1bb6b3afa2709dfed97b213abcb4aab7bb27e21ad494ee8bbdfb1aa7fc2f
GET /_nuxt/desktop/default/css/277e301d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: text/css
content-length: 6808
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-1a98"
expires: Sat, 09 Dec 2023 08:18:08 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65560
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-763a1b69.js
39 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-763a1b69.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 71c466e054de68aca97edf7c91642390
104ba916b53c1dc76d605f52beea0bfa5c93ee1e
8b7789330b4901b957076e9c4604cf3e4b5aaa5eaca97c3c293710a1e4080f33
GET /_nuxt/desktop/default/betting.coupon2-763a1b69.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 38793
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-9789"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.30-4d91f3b1.js
200 OK 1.2 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.30-4d91f3b1.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (2335), with no line terminators
Hash cab324d94c68c0a7d5d1449edc3d80bd
245779fc8780580fecf136ae27bdd2d09f1ec728
d3a7c82305dbb11bf45a22ac83165944f446d71a7e020118066c7da7d4d94dcc
GET /_nuxt/desktop/default/ioc.dependencies.30-4d91f3b1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 1155
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-483"
expires: Sat, 09 Dec 2023 08:40:46 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64209
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-9b57bc00.js
366 B URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-9b57bc00.js
IP
File type ASCII text, with very long lines (416), with no line terminators
Hash 3e14d7f3a2770c443739452a1936a2f2
78e1daec84e5357af340da0bde9856d5cf094173
8ddd6e174a417cacda2592f067a436ffe760fe1898dbdab4a85f34270e202472
GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-9b57bc00.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=utf-8
content-length: 366
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-16e"
expires: Sat, 09 Dec 2023 13:27:15 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/injector.js
200 OK 72 kB URL GET HTTP/2 widget.suphelper.top/injector.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 9691266c4612e69e696f7e3c0b48e5fb
6bad50fdda3893bd2c538a8802414c979606bc60
dab64c25f0efd500bc71eb67552125570247ded162603187e41d212aefe962a6
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"32de3-18c49b4cba1"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
expires: Sat, 09 Dec 2023 06:30:48 GMT
server: cloudflare
cf-ray: 8329d4083fcab523-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6850.webp
200 OK 743 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6850.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bb75ebe58debb7bc1e55bc5ee9ab216e
206c02acefde98e693933f9b8438a1db5d7f59c1
503f9f8ed6767dea2b59883d9751ecc0e8df5467a28a0e5daeebd8007f365d04
GET /resized/size16/sfiles/logo_teams/6850.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 743
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 03:57:07 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6850.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 5db91a7cf3baf489bd5d4e73b8ea8e64
x-time-ng: 0.000
age: 10367702
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/cf8c0f97a08d3fc281ae90089fce367b.webp
862 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/cf8c0f97a08d3fc281ae90089fce367b.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 88497189dafaea5351424cf49792725e
c744d9672f8871582ea34ddd7a66242f99be2f70
967fdb72997d5ffb591bdcd7d55a3bd9f96c082af6cc37b5d7635f3cba4d7e87
GET /resized/size16/sfiles/logo_teams/cf8c0f97a08d3fc281ae90089fce367b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 862
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 21:06:47 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="cf8c0f97a08d3fc281ae90089fce367b.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: aabba29e609026060b033c2cdd42b4d0
x-time-ng: 0.039
age: 9786399
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6872.webp
200 OK 973 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6872.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash d95f2091085750dc75597bf82c9165ba
c7f5269ae3221fcf6cffcfeccf5b6304316cf164
1983867470733bcb409be03ee375ad221d6f037d38cefe09f7260a6209a43809
GET /resized/size16/sfiles/logo_teams/6872.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 973
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 20:02:24 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6872.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 42a0a60a561502752724237d540db9f0
x-time-ng: 0.039
age: 9786692
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/bcdf65d5e714a3294c98fd6f4348b176.webp
200 OK 941 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/bcdf65d5e714a3294c98fd6f4348b176.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0583e4e08018050e5c7e37e9da6456df
724ec8755c65cec77525377092b9e2b8c4a742a4
d0c4365347311c1dc0dfa22e749ce48f5462fb682962e89dd6553ec3935c0984
GET /resized/size16/sfiles/logo_teams/bcdf65d5e714a3294c98fd6f4348b176.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 941
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 00:10:09 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="bcdf65d5e714a3294c98fd6f4348b176.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: cf6f48b69788c5c857f6f85c45d8429c
x-time-ng: 0.142
age: 10376439
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/checker/redirect/stat/run/
598 B URL 1xlite-497172.top/checker/redirect/stat/run/
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with no line terminators
Hash e5f2f299792282cd3445fa8323c255b5
0c82b8f0324621f6418c5d51101953173e13e17b
7b58c5b90a7a74070a7fba2f61c4041191752ec9b394d5dbc6ebe7394e39a14a
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/bab6e873720e8ff8728f46cd70b87c6c.webp
200 OK 718 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/bab6e873720e8ff8728f46cd70b87c6c.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 439ae2891074e6ccb8c84c020a4a2b57
3a2fd51134db0079ed59366bbc6cad1a60975e86
dfb816b1a41ed3ab65f61f1c6ab3acfb475840f59db8f8f4b42916f622059608
GET /resized/size16/sfiles/logo_teams/bab6e873720e8ff8728f46cd70b87c6c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 718
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 02:35:46 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="bab6e873720e8ff8728f46cd70b87c6c.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: f1f2c48b49903ab0be844d6e1ec589e3
x-time-ng: 0.000
age: 10367702
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp
776 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 9573684e62fd787ef91a8de03a5d14c9
d1c070e185226f1bcd3eda8a73a0b802d35e818c
5d3fbfdc9aec8cb3ff27e8f74719044664e4fdeae2d26adec562184e58da8f4e
GET /resized/size16/sfiles/logo_teams/8d555a2cacdac3e3cc957971dba3114a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 776
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 20:04:09 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8d555a2cacdac3e3cc957971dba3114a.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: ed52cfebad73a38ad98a397028d7c262
x-time-ng: 0.024
age: 9786399
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6902.webp
200 OK 771 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6902.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 08307b9c39ceed806bcc05b192c7deb2
8bc3043752906ce52e3c37555d120e9d5cc8e313
59bf7728b86db26b9d9a922ab0d3387b85bfa8fb3304edbbbf3c44a8b16fd3f8
GET /resized/size16/sfiles/logo_teams/6902.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 771
cache-control: max-age=94608000
expires: Mon, 17 Aug 2026 08:50:20 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6902.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: dda382e6ff4ef7d40fcc91f57ec2d1e9
x-time-ng: 0.000
age: 9744408
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/user/secure
200 OK 3.8 kB URL POST HTTP/2 1xlite-497172.top/web-api/user/secure
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 3620da368427268a2f733ea2f61605d8
129b97d753a217fdfdc8c7f3bf7378a4d28fe633
5971915d9f7f32ccc0b4af2346a9ad214ebf5be9d26980fde6e25593534331ee
POST /web-api/user/secure HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=19, dt_total;dur=47.347, wf-uht;dur=0.058
set-cookie: _glhf=1702106824; expires=Sat, 09-Dec-2023 03:30:48 GMT; Max-Age=3600; path=/
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6884.webp
899 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/6884.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 34c95df622f42767cd41c02eb2e09d50
bf8afe7aa6bdd938a3dc005ea5aa75c48ef8b350
362da4098aa137c2b7df49b163786c5a6f2317815ee46c1875f198cccc23de53
GET /resized/size16/sfiles/logo_teams/6884.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 899
cache-control: max-age=94608000
expires: Mon, 17 Aug 2026 07:54:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6884.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 871c4af9a5102d9ae9737a22de1e8815
x-time-ng: 0.000
age: 9785197
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6890.webp
200 OK 673 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6890.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 03abd4984832b3978d3c8f19f440c7c8
df270299aa9465b1b9ea5a0658c0ec22ca356875
598a756c558317082f095594a9ee532738007b448d06f3b6e8e1da0d2c659dd9
GET /resized/size16/sfiles/logo_teams/6890.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 673
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 02:34:04 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6890.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: fe203a1907b3bca337bbe95295e7016f
x-time-ng: 0.080
age: 10377031
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6906.webp
578 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/6906.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 922184eb39147bc351511a8b7a037525
1ef91198c5ac3265cba7d54cbce86bd899306681
667d26b9273c3eccde7f5fb9db65a1be633dbca02effab51999c5276ffce3330
GET /resized/size16/sfiles/logo_teams/6906.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 578
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 14:54:12 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6906.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 0bbbe703f897638167bc177228010d62
x-time-ng: 0.000
age: 10323396
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/7a98871f6f1ecbd539e3a7e1c5465ca7.webp
200 OK 805 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/7a98871f6f1ecbd539e3a7e1c5465ca7.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash aaa7159e1e9daddf8f8a9c74c2a8c169
899ef088bbcd77c3bce34892d37d36d5d4e1dbb1
f8f8fc34fd0728481b00d214e2bac3032c5830c8c1184ee87b4e596c2a1a21ce
GET /resized/size16/sfiles/logo_teams/7a98871f6f1ecbd539e3a7e1c5465ca7.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 805
cache-control: max-age=94608000
expires: Mon, 17 Aug 2026 09:37:56 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="7a98871f6f1ecbd539e3a7e1c5465ca7.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: c3cb30b85e06893da1a7811b82b43d78
x-time-ng: 0.027
age: 9785195
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6898.webp
859 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/6898.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 8716931805011e9ac3fc9f4efe5284d5
6a3b61c84d0a1ee5d48177e67117d64367bc1fe2
7c41498db56fc9281ef66378a1c16b647c47e5ce58f032683b592b424ec6fac0
GET /resized/size16/sfiles/logo_teams/6898.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 859
cache-control: max-age=94608000
expires: Mon, 10 Aug 2026 00:10:09 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6898.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: e7513bf24dac074262d10e8aa55bd9b3
x-time-ng: 0.095
age: 10376439
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6896.webp
927 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/6896.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 74f4ebdad410f6105c9fc3f7adbfab19
c332e9ca5f003d1fa5822ad469cf5146d8e5124c
27c25001b559c2c200b27edca35c6611e1c97e7de66d90cab649f49262bd559b
GET /resized/size16/sfiles/logo_teams/6896.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 927
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 21:06:47 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6896.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 48a62ff67debd3e3790845c21e4e3496
x-time-ng: 0.000
age: 9782641
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp
7.1 kB URL v3.traincdn.com/sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 14b81bb2a70130c395b98ba4cb1f4a3a
378094090781a2d412f234bff2bb311adf0a22d0
11128b17e044b6dfe4d716c11854e95486c9e942a942064c82968f6a34c777bb
GET /sfiles/logo-champ/246a944858d7a07393dd4f6739f94bf9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/webp
content-length: 7066
cache-control: public, max-age=86400
etag: "14b81bb2a70130c395b98ba4cb1f4a3a"
expires: Sat, 09 Dec 2023 10:50:39 GMT
last-modified: Wed, 04 Jan 2023 07:42:08 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56864
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8500.webp
200 OK 907 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8500.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash ffb3f5954dc5103bca741898eb899056
d1097f297079a346c3338e6e34e9e0f0c0de7963
2184d417cb8bd665a26dd4a647ffd5c04e06b1206d9864276b8461a3150e6be9
GET /resized/size16/sfiles/logo_teams/8500.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 907
cache-control: max-age=94608000
expires: Wed, 23 Sep 2026 09:03:26 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8500.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 950d0bfbdc1cfc1f099d95c55d9dbe2a
x-time-ng: 0.038
age: 8080198
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8504.webp
663 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8504.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c7f6993b43e4bf814ff23430d907ae7f
d5a3d4ff6c3c31b2d21d137074e8ae713057ae8e
f9b6b7c5a91bb838e1fbc81faa0e7025a6acf64db38815e6cb2471b590b5f7d3
GET /resized/size16/sfiles/logo_teams/8504.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 663
cache-control: max-age=94608000
expires: Sun, 06 Sep 2026 03:42:42 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8504.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 3167d4ef078ac12b818afb5008a588ea
x-time-ng: 0.000
age: 8030886
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8496.webp
910 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8496.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash c9f5e66dde9f1226ad4e0043f7a28c6d
e72000328c15d0a57f47705d9715fdc7dc2e9046
a155dc5a084c31cc135dac285fbbe0669ecb8255fe9bf86e7f271f3cc0bead5c
GET /resized/size16/sfiles/logo_teams/8496.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 910
cache-control: max-age=94608000
expires: Sun, 06 Sep 2026 03:42:42 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8496.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 6d88382bb292451a95aabe87c5575126
x-time-ng: 0.057
age: 8080199
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/f5b11f2f87a9b65eedb9036de5e96e3c.webp
200 OK 841 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/f5b11f2f87a9b65eedb9036de5e96e3c.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f59452f38b9bdb95f75d5aa61b707910
56f7fdb42906a73ee1b3a550b91085196667d599
df67555495df63c65b6aab5f23dd0ebe0638a6a5cc62aff29fb48dfa81e41391
GET /resized/size16/sfiles/logo_teams/f5b11f2f87a9b65eedb9036de5e96e3c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 841
cache-control: max-age=94608000
expires: Thu, 13 Aug 2026 00:01:02 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="f5b11f2f87a9b65eedb9036de5e96e3c.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: b06bf31806336684af37430c98f9993f
x-time-ng: 0.053
age: 12407800
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
200 OK 8.9 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (43873), with no line terminators
Hash 21f319a8605e05f0bf01da2b623f698f
5087cf4a3191ba40c931fa5d91d422fbbcaf4036
ccf818c394b49a2c7e71054dd3e4c33532da5792c3d2fed2e67c0649bebfaa41
GET /service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/json; charset=utf-8
content-length: 8890
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:48 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal-48f04f22.js
200 OK 5.6 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal-48f04f22.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (15998)
Hash 166744cb12dd5a5901b1f003fb7911e3
7191958a01378fc9f450c9558f4e9625b5667e01
af9d5b2ab721d875f4d5fa833561383917b498888f69f13218b0bd134b99da01
GET /_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal-48f04f22.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 5552
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-15b0"
expires: Sat, 09 Dec 2023 08:40:48 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64208
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/b04b7b2c.css
200 OK 1.2 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/b04b7b2c.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (5258), with no line terminators
Hash 9a5ee950b9926b5452b055c510a23860
3c6404637652d3451ca5480cf6ad43dd8ca1146f
cf6937acb623b9aa84073472cd8158bf0a7177e4983e3e6eb86d7c321ec47f6c
GET /_nuxt/desktop/default/css/b04b7b2c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: text/css
content-length: 1160
cache-control: max-age=86400
content-encoding: gzip
etag: "6571b5c6-488"
expires: Sat, 09 Dec 2023 08:18:10 GMT
last-modified: Thu, 07 Dec 2023 12:08:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 65561
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-10e15e21.js
200 OK 3.9 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-10e15e21.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (11607), with no line terminators
Hash 27f46a524be65f3eb1baa68c5c68517a
deb00093be3bdc4a0b1125c0799fc8c964f78213
6bbb519362bd311a6a881de5735a41f7b154883c5a3ddc4767a0274ffd8be7c7
GET /_nuxt/desktop/default/DownloadAppWidget-10e15e21.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 3933
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-f5d"
expires: Sat, 09 Dec 2023 13:28:22 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1702089055891
200 OK 145 B URL GET HTTP/2 1xlite-497172.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1702089055891
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 0ba0d31eb708662ea0084322503447f5
6c1a9421f4328ce29f59a98191d02a8b1abc45d3
c968c7e207ad41002b8f5c1a77835fc7da5fe5e9ead6a4831a4c7be99c70c37d
GET /genfiles/cms/maintenance_mode/settings.json?timestamp=1702089055891 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/json
content-length: 145
last-modified: Tue, 11 Apr 2023 22:54:53 GMT
etag: "0ba0d31eb708662ea0084322503447f5"
x-time-ng: 0.002
cache-control: public,max-age=60,s-maxage=60
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/c867ef02.css
682 B URL v3.traincdn.com/_nuxt/desktop/default/css/c867ef02.css
IP
File type ASCII text, with very long lines (4658), with no line terminators
Hash 5ab52a6e88252ff781d8052a6869418d
96ad749111751693f123d2128f881100906712c0
af0512f320255e6401c278f357609d9309d52e41cddc4727517abfb44564c78c
GET /_nuxt/desktop/default/css/c867ef02.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: text/css
content-length: 682
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-2aa"
expires: Sat, 09 Dec 2023 13:52:42 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 45493
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-ae68753d.js
2.3 kB URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-ae68753d.js
IP
File type ASCII text, with very long lines (7750), with no line terminators
Hash 899a842e8c2baa2b3b4c05c9260b6910
f4f0f39784161c239012b3835019aab49b7b6bf3
7ea84dcdf7a23ede2fe14cd500cd0d080118b3705bd63605203eef1cbe0988bb
GET /_nuxt/desktop/default/betting.SportsMenuCompact-ae68753d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 2294
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-8f6"
expires: Sat, 09 Dec 2023 13:27:16 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47019
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp
200 OK 6.9 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/games-no-faceless.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b7304b532dca88cc708b1c81edf7e051
d9ca9db864badb40bcab6d846ba7110413a339d3
324b9021e7fa1a227b418f5b0707e174d86aa20decea945eab3cea41aac8d2ca
GET /sfiles/games-images/game-previews/190x102/games-no-faceless.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/octet-stream
content-length: 6884
cache-control: public, max-age=86400
etag: "b7304b532dca88cc708b1c81edf7e051"
expires: Sat, 09 Dec 2023 08:23:51 GMT
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:10.000Z
age: 65253
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp
200 OK 8.9 kB URL GET HTTP/2 v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 7a49dad906575c61dd636edbe1201479
d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d
0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/octet-stream
content-length: 8880
cache-control: public, max-age=86400
etag: "7a49dad906575c61dd636edbe1201479"
expires: Sat, 09 Dec 2023 10:36:45 GMT
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
age: 57244
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-460.webp
20 kB URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-460.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 07836fe2b4bb5ac3ed6a8a1a9f06ee8c
30d4e8192af56abd085d6cbf2b4c5d0828884581
b78d87908d21a0c9e813dcc221a0b5a091368f8d29944ad6b0accb9f445e04e6
GET /sfiles/games-images/game-previews/190x102/game-460.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: image/webp
content-length: 20520
cache-control: public, max-age=86400
etag: "07836fe2b4bb5ac3ed6a8a1a9f06ee8c"
expires: Sat, 09 Dec 2023 10:42:29 GMT
last-modified: Thu, 02 Nov 2023 10:01:23 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 56902
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp
6.2 kB URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 64ff358fd3a82358542d29d53649dd85
0a15b0731a9468fe49e3b512febe91d951ef6156
a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/octet-stream
content-length: 6158
cache-control: public, max-age=86400
etag: "64ff358fd3a82358542d29d53649dd85"
expires: Sat, 09 Dec 2023 08:21:26 GMT
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
age: 65363
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/default/img/icons/pixels2.svg?v=1702089056
20 kB URL 1xlite-497172.top/web-api/default/img/icons/pixels2.svg?v=1702089056
IP
ASN #202492 Silverhill Group Holding Ltd
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash 8214d847094ef64ce97cbaaa3ecba455
e8c04f245d84890ce412a24ce35689b7073143db
e5547d12e26942f3f20c42cf99f858f6dc25a2ebd458030b9cc48b628302b46f
GET /web-api/default/img/icons/pixels2.svg?v=1702089056 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=15, dt_total;dur=27.612, wf-uht;dur=0.040
x-dt: 285
x-time-ng: 0.027
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
200 OK 2.8 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10850), with no line terminators
Hash bd16fd7b111bdd927f29288ba1459cba
4ca8985787d7a9f9f12595c073e5514bd5473601
00699552b2703724c2921ca2f73fdd590a7c500ee5c73e3d7f31486692a9b8f4
GET /service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/json; charset=utf-8
content-length: 2772
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:49 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.019
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/css/7090b01f.css
200 OK 80 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/css/7090b01f.css
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with no line terminators
Hash 99f16f43c1db94e4e758dcfe16ec462b
8a82f7169b8b0cce028a2fab8ea2e2b4c9b33d90
5de20e76112564f64b1b01edc1b573c57db66690eda9845523e06fb71c38eb07
GET /_nuxt/desktop/default/css/7090b01f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: text/css
content-length: 80
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-50"
expires: Sat, 09 Dec 2023 13:18:52 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47517
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true
200 OK 2.2 kB URL GET HTTP/2 1xlite-497172.top/service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6801), with no line terminators
Hash ca0f116872665459eb301b0895e36c4b
de0e30f7bcfb9bce21d178acd02765f2a9bf6a6b
6677dbf4b3def17552bc252d2d79891024b0fe528934fa566b196877819b8070
GET /service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/json; charset=utf-8
content-length: 2157
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:49 GMT
vary: Accept-Encoding
x-time-ng: 0.065
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.079
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-4e35c712.js
200 OK 848 B URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-4e35c712.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (1531), with no line terminators
Hash 66436eac35d77c3e455a6672dbf2a3a5
82fb27e05901bfbebb4c3b97303f16e7c80ae027
65f5be0387172daf9819b2444336abdce522cd89d38a8445f9fc19d686068efc
GET /_nuxt/desktop/default/Betting.Coupon.Desktop.MainTab.CouponRegistrationButton-4e35c712.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 848
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-350"
expires: Sat, 09 Dec 2023 13:27:54 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47018
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
200 OK 694 B URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1220), with no line terminators
Hash 3ae81b002dca46d3b732ce3e03ae35c6
388d37b5f714937677de74330a8daab0a0d1196b
1c76b93f07c6a861c4ad9529059ea99ae69f2451788da7cab1f17fa94d54382e
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: image/svg+xml
content-length: 694
cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
expires: Sat, 09 Dec 2023 02:59:10 GMT
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 1903
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/coloredSvg.svg
22 kB URL v3.traincdn.com/sys-icons/1.0.212/285/coloredSvg.svg
IP
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (62897), with no line terminators
Hash a8022e367298bde0f97fcfefd9ec08a8
9669a1d2ffbe30948741fc217ac1f278579a677f
75e00a9d09d88cfb14c4333a9b4b6abd3d8827c77a541b479ae87d2f9369d526
GET /sys-icons/1.0.212/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: image/svg+xml
content-length: 21678
cache-control: max-age=86400
content-encoding: gzip
etag: W/"a8022e367298bde0f97fcfefd9ec08a8"
expires: Sat, 09 Dec 2023 11:07:27 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 55404
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/sys-icons/1.0.212/285/logos.svg
200 OK 15 kB URL GET HTTP/2 v3.traincdn.com/sys-icons/1.0.212/285/logos.svg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (34054), with no line terminators
Hash fa9bb56d0333e51a2e20e890b1578077
4d13dd10fe635fcef3b4da010d46e7485211badc
25bafe20c85395893b739e4cec203afee2018ca4874baf2e4ebb21a668ed9a26
GET /sys-icons/1.0.212/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: image/svg+xml
content-length: 14765
cache-control: max-age=86400
content-encoding: gzip
etag: W/"fa9bb56d0333e51a2e20e890b1578077"
expires: Sat, 09 Dec 2023 11:07:52 GMT
last-modified: Mon, 27 Nov 2023 07:27:22 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-amz-meta-mtime: 1701070040.783870721
x-time-ng: 0.002
age: 55379
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_ru_0.json
200 OK 5.4 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_ru_0.json
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (22309), with no line terminators
Hash 04b39382613d7c50f0f437414c098222
b1738b021c5aca389757ec157f85b699a78d7d5e
ffede1793307cd415d463fc1f9096777e43099f714aaf2eee2e634a934fc6598
GET /genfiles/cms/betstemplates/bets_model_full_ru_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/json
content-length: 5384
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
etag: W/"04b39382613d7c50f0f437414c098222"
expires: Sat, 09 Dec 2023 02:36:24 GMT
last-modified: Fri, 08 Dec 2023 14:32:29 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.003
age: 3266
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/sounds/new-message.mp3
30 kB URL widget.suphelper.top/sounds/new-message.mp3
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type MPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo\012- data
Hash ef9af24dc7dbd24ffd99c832e1300351
f78744a5013038446c468de14f205f2d52373fd6
5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"7500-18c49b4cbad"
cf-cache-status: HIT
age: 2185
expires: Sat, 09 Dec 2023 06:30:51 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8329d41ccd99b523-OSL
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/pages/_app-6fcd268ddee72789.js
282 kB URL widget.suphelper.top/_next/static/chunks/pages/_app-6fcd268ddee72789.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Size 282 kB (281593 bytes)
Hash 56ffd1bbbc5b0e89258ef4c355c78905
5159bdea559d851fe660ab31af05c62384c1bc0a
0f01839dd7170fe45bf10652d17299a7a303159f7950220b0e4ee7dcc608cb29
GET /_next/static/chunks/pages/_app-6fcd268ddee72789.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"f845c-18c49b4cc39"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 45219
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135af5b523-OSL
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/970-fdfa7a3a1558183b.js
125 kB URL widget.suphelper.top/_next/static/chunks/970-fdfa7a3a1558183b.js
IP
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Size 125 kB (125088 bytes)
Hash 6ae4f70b714704720b4b746261a39a30
2465d583652cfa8cc8d5442e6592af1becd8e92e
bf72e81774f349c2ef8d9065808cb1616fb118d92f01d5c9591b5de10b0dff25
GET /_next/static/chunks/970-fdfa7a3a1558183b.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 07 Dec 2023 06:22:59 GMT
etag: W/"69bbf-18c42f19a97"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 158687
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135af7b523-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ru_0.json
4.4 kB URL v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_ru_0.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14023), with no line terminators
Hash 89c375ccb00a6b0e8a6f88d0d66d6ae5
bd74a0109e8d020a6baeba23b358638fae027618
305af38b9ba8d02450783184dafa5ef6a9e3ff0952948e0360a221dd0bd77d6d
GET /genfiles/cms/betstemplates/bets_model_short_ru_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: application/json
content-length: 4381
cache-control: public, max-age=3600, s-maxage=3600
content-encoding: gzip
etag: W/"89c375ccb00a6b0e8a6f88d0d66d6ae5"
expires: Sat, 09 Dec 2023 02:37:40 GMT
last-modified: Fri, 08 Dec 2023 14:32:24 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.003
age: 3220
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
200 OK 51 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1380x248, components 3\012- data
Hash 15b1bda7b31ccc5eacce67afbe6f160b
d41eac3583bb0495a008b0d1e4a584d103feb436
2e1b52936d0c7081d46010cd49e236aed8cefc16adad7c908c108aff4a73718d
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: image/jpeg
content-length: 51087
cache-control: public, max-age=86400
etag: "15b1bda7b31ccc5eacce67afbe6f160b"
expires: Sat, 09 Dec 2023 02:45:23 GMT
last-modified: Tue, 11 Apr 2023 18:15:30 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 2744
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg
147 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, progressive, precision 8, 1380x248, components 3\012- data
Size 147 kB (147402 bytes)
Hash 9d1ab102184100544b4a72fcc6a8c458
79a64d17a182311cf4f856e39c83e3d9c5b1e55b
0fd0800599423b6bc4c2fe90c96f0025f4dd0d13d0c4b535e9421e21049a0903
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: image/jpeg
content-length: 147402
cache-control: public, max-age=3600, s-maxage=3600
etag: "9d1ab102184100544b4a72fcc6a8c458"
expires: Sat, 09 Dec 2023 02:38:44 GMT
last-modified: Tue, 11 Apr 2023 18:15:17 GMT
server: Footprint Distributor V6.1.1162
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
age: 3140
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
231 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
IP
File type PNG image data, 1380 x 248, 8-bit/color RGBA, non-interlaced\012- data
Size 231 kB (231413 bytes)
Hash 5f92240dea2753875e3104a6704f93e6
41d042b4876f18001842a761d05ad4a0575ca7f4
2d51f316311a3977d1dcee31a3332f720f72a842d8924ea4b8f014a23ca859b7
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: image/png
content-length: 231413
cache-control: max-age=86400
etag: "5f92240dea2753875e3104a6704f93e6"
expires: Sat, 09 Dec 2023 03:09:45 GMT
last-modified: Wed, 21 Jun 2023 09:54:48 GMT
server: nginx
access-control-allow-origin: *
server-timing: wf-uht;dur=0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 1278
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/58038034/_ssgManifest.js
200 OK 118 kB URL GET HTTP/2 widget.suphelper.top/_next/static/58038034/_ssgManifest.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Size 118 kB (118507 bytes)
Hash 31220b8888acaf0ad72482d7a2b3082d
ab0a6328205d7142bd6d1d5936232c2f63a84ebf
543c0af02fac488a3d611e852d09ffe800837cc385b8d4414cce946f28356742
GET /_next/static/58038034/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"4d-18c49b4cc39"
vary: Accept-Encoding
cf-cache-status: HIT
age: 45219
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135afcb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
231 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png
IP
File type PNG image data, 1380 x 248, 8-bit/color RGBA, non-interlaced\012- data
Size 231 kB (231413 bytes)
Hash 5f92240dea2753875e3104a6704f93e6
41d042b4876f18001842a761d05ad4a0575ca7f4
2d51f316311a3977d1dcee31a3332f720f72a842d8924ea4b8f014a23ca859b7
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/png
content-length: 231413
cache-control: max-age=86400
etag: "5f92240dea2753875e3104a6704f93e6"
expires: Sat, 09 Dec 2023 03:09:45 GMT
last-modified: Wed, 21 Jun 2023 09:54:48 GMT
server: nginx
access-control-allow-origin: *
server-timing: wf-uht;dur=0.035
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 1279
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
200 OK 118 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type JPEG image data, baseline, precision 8, 1380x248, components 3\012- data
Size 118 kB (118446 bytes)
Hash 9cd4c456518a68605eb7097cf9acf4e0
18da850ee009b3614297b700c93869de38a93fa5
f3a2d6ba7aa1e669da89c03d5aac79195c2133a5bb1086c65cdfc39a1c3965e2
GET /genfiles/cms/1/desktop/banner/f4a39966ab8f5e5125e92fedcf3a3092.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/jpeg
content-length: 118446
cache-control: public, max-age=3600, s-maxage=3600
etag: "9cd4c456518a68605eb7097cf9acf4e0"
expires: Sat, 09 Dec 2023 02:46:59 GMT
last-modified: Tue, 22 Aug 2023 12:35:25 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2634
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg
82 kB URL v3.traincdn.com/genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg
IP
File type JPEG image data, progressive, precision 8, 1380x248, components 3\012- data
Hash ad5f0025317357d48209be53322c4854
c95715c6077d270ab0d901fa43184565216d6177
e7d3aa1ad1cf16bb24ada1e8ab541fbd94aa6196e7f98e50b244c70b0d9b2204
GET /genfiles/cms/1/desktop/banner/8c83a62ae8afe0aa371618f02b8e4a01.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/jpeg
content-length: 81954
cache-control: public, max-age=3600, s-maxage=3600
etag: "ad5f0025317357d48209be53322c4854"
expires: Sat, 09 Dec 2023 03:03:40 GMT
last-modified: Thu, 05 Oct 2023 10:29:43 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 1674
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
200 OK 19 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 48b9bf09440a08f2f2adee9ffbf5a392
807471305d6a85e0917b1b8f57c0cadfa2ed9269
0ca9f78dddc869cdd75bf3ea65df518a3cef8165f98200a4417457f9c9aebf65
GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"8f42-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1461793
expires: Sun, 08 Dec 2024 02:30:51 GMT
server: cloudflare
cf-ray: 8329d41c4d72b523-OSL
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/registration
1.9 kB URL 1xlite-497172.top/web-api/registration
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (350)
Hash 92a7e5f6ae789b6a1205a5a0b67140b4
8cad77d6ca085d30a099de66fbf0bf3a6f368b4e
f7f5b4c3e91a36a61027b91b6e9c5c8142a3a2538fc42a02519a85d3323740a6
POST /web-api/registration HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=32, dt_total;dur=42.161, wf-uht;dur=0.057
x-dt: 285
x-time-ng: 0.040
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/959599.webp
200 OK 598 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/959599.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8199347924337f57b7dde77d75dae53d
c327277a097bb736826e6754079477321c2518ea
84b98990ae652859c59edb815ec6c069dbf6b1d4989f019579758b96fd53c8cc
GET /resized/size16/sfiles/logo_teams/959599.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 598
cache-control: max-age=94608000
expires: Mon, 05 Oct 2026 18:27:35 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="959599.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 33c3f9781cc64b6519f9296159b6ed3a
x-time-ng: 0.000
age: 5472197
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/91994e16cb3902bc753b378816aba344.webp
684 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/91994e16cb3902bc753b378816aba344.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 5213efeca1f05fdbe096b079f6d6390d
b157b1ba06e179cce819229457a157f76fbad8c9
6e9f578e640f69c3ec681b7df99355f96f6bbc5394ea2b846a5a15250c2a41e2
GET /resized/size16/sfiles/logo_teams/91994e16cb3902bc753b378816aba344.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 684
cache-control: max-age=94608000
expires: Mon, 12 Oct 2026 18:30:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="91994e16cb3902bc753b378816aba344.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 6fe583c179561e13d140f15a3f259ffb
x-time-ng: 0.000
age: 5038680
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/959601.webp
200 OK 622 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/959601.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 56317a41e134ecfe106798954da6ea28
8fdf81a0dea120cf087ae1437b88dc5a16cc609e
a3e35e6d5931925e745e9dd06abcd61d9a27a66e51f713ef68a82caf24c4a9b3
GET /resized/size16/sfiles/logo_teams/959601.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
expires: Sun, 04 Oct 2026 18:42:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="959601.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: f3272e200cb0304662cad753921376e4
x-time-ng: 0.000
age: 5558199
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/33977.webp
654 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/33977.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 74d9b2e8dd3cc0c1881d163b44843bc9
862cd940e430e504dff5ca312027743971ad9d91
444ec981ea2a490f49e630dcaf9c234cbc60657e19c88e3f1b0fb8bdb097f758
GET /resized/size16/sfiles/logo_teams/33977.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 654
cache-control: max-age=94608000
expires: Sat, 03 Oct 2026 23:16:11 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="33977.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: fc780412ad51064528a2cae10b42d34c
x-time-ng: 0.000
age: 5628320
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/a2c1bfdb6e73c31293ce027f92a50bad.webp
604 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/a2c1bfdb6e73c31293ce027f92a50bad.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 3769015495df1cc118687be7de461864
823a8d5f25e7eb28eadbff52df7cc0afccd014b8
a2be9b8dccc61f73037929941b88fa0c785f9e6f4ed30be0ad26099db4f83845
GET /resized/size16/sfiles/logo_teams/a2c1bfdb6e73c31293ce027f92a50bad.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 604
cache-control: max-age=94608000
expires: Sat, 03 Oct 2026 00:03:32 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="a2c1bfdb6e73c31293ce027f92a50bad.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 611a348e899064aa09bb9965fd849d34
x-time-ng: 0.000
age: 5714382
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8566.webp
200 OK 764 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8566.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7810a26abc3b4b7c8b16b72ae3563f85
98cf9a9beca956e9eb913ee64cd557f48295ab3d
2666b7918c9447720b0427aec830fa2be4e0a2d0435273be5cc5898bb396159d
GET /resized/size16/sfiles/logo_teams/8566.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 764
cache-control: max-age=94608000
expires: Mon, 05 Oct 2026 19:45:35 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8566.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: fd4b8c7848cf0856107fd7666d996f53
x-time-ng: 0.063
age: 5470792
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/bfba95b7e0f55995b3bf37e818d65143.webp
200 OK 650 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/bfba95b7e0f55995b3bf37e818d65143.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash c475b28c340be89cdb11f17a17550845
ec4253ce8f75d13bca4f7e149e4f715d7ba7571e
8aae05af6cfad1c699435e15a96d98dc6395d2e0e2bd6db7dc58b9b1a8a31416
GET /resized/size16/sfiles/logo_teams/bfba95b7e0f55995b3bf37e818d65143.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 650
cache-control: max-age=94608000
expires: Sun, 04 Oct 2026 23:05:47 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="bfba95b7e0f55995b3bf37e818d65143.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 4de4d54b39d78a6946800f6c70025a04
x-time-ng: 0.041
age: 5541905
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8550.webp
200 OK 684 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8550.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 6e4dfaa19bd35a1c09519e7ede193eb4
635e17f27177e05cf8bf51966331c8f72a0bedb4
2ddc3a3d832e385fa3a914242d2b741b14486104b2c30fde18b8f67044823a9d
GET /resized/size16/sfiles/logo_teams/8550.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 684
cache-control: max-age=94608000
expires: Mon, 12 Oct 2026 17:45:15 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8550.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: e30dbcdd088af703ad7eaf078665f4c8
x-time-ng: 0.000
age: 5020150
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/34941.webp
640 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/34941.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 8bdefc5184ed186941fde1615fccbd9c
ee97219c57c1b87d3a4613ae71a13d6904870be8
77e09644ad6ce3fba8c3a1c7eacb40fd11d75665ec79d5d5f78f643989f42624
GET /resized/size16/sfiles/logo_teams/34941.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 640
cache-control: max-age=94608000
expires: Mon, 05 Oct 2026 23:00:27 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="34941.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 21289f29fb8b1e6c3a610fb02ba43f97
x-time-ng: 0.071
age: 5470793
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/1a9d14481ba01b5831b5ffc269fcd44a.webp
676 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/1a9d14481ba01b5831b5ffc269fcd44a.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash 832232b8a7360a6928a4c0c72f959bf3
f3ead399211be2d81c07c4e295598c5061609d3e
6ffb4bd8a38994c08e4e27a43f5a6d3f2b2469c158deb419636a3bb38cc4a175
GET /resized/size16/sfiles/logo_teams/1a9d14481ba01b5831b5ffc269fcd44a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 676
cache-control: max-age=94608000
expires: Sun, 04 Oct 2026 18:49:40 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="1a9d14481ba01b5831b5ffc269fcd44a.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 86af2e1678b815c86857694e52a53e5d
x-time-ng: 0.000
age: 5562155
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/574c37e31f0b3db5fab8afa15d33fd8f.webp
200 OK 650 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/574c37e31f0b3db5fab8afa15d33fd8f.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash 40d1a7937da56576177479af30ba9baa
1a5e0c82cf384aab7fdb6d89b62e14931849ae37
16827a7144cc520ace7f5b0c08574c6616f2d1e98472274f7ca3489a7e580fbe
GET /resized/size16/sfiles/logo_teams/574c37e31f0b3db5fab8afa15d33fd8f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 650
cache-control: max-age=94608000
expires: Sun, 04 Oct 2026 00:35:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="574c37e31f0b3db5fab8afa15d33fd8f.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: aa9e8263c90479dd868d39f9fb3a79fd
x-time-ng: 0.000
age: 5623520
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8542.webp
200 OK 622 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8542.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ec9d7774c0fe0f0a1378f58762eac7ca
3a2814ad5ffa92d9a5ff8b5da9399f95c930e384
909ab95de494dca4c15ed782302174c1a9970c5a94b6418c867b89ae59b63569
GET /resized/size16/sfiles/logo_teams/8542.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 622
cache-control: max-age=94608000
expires: Mon, 05 Oct 2026 23:46:10 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8542.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: adb5ae2a20c5ea94ad392b81fed6d9fb
x-time-ng: 0.064
age: 5470793
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8546.webp
200 OK 664 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8546.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash ada80df8e796e9ef733ef1c58963b06b
72a7bdddcb249f7a3f26809356817044ba8d3c03
f8e410a39606580cfa0f18a2df33c074a8f19e2d864d10d031c43712e76091cb
GET /resized/size16/sfiles/logo_teams/8546.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 664
cache-control: max-age=94608000
expires: Sun, 18 Oct 2026 12:56:02 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8546.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: fd47565952cec3e54a36c9a7c5acd220
x-time-ng: 0.000
age: 5623520
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/240485.webp
690 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/240485.webp
IP
File type RIFF (little-endian) data, Web/P image\012- data
Hash e8baf2b09b62d87e61d81a947829d086
75ae456589e8a952e7a8e5611aac5aca19af0836
15e0da209f6e9e193e5aa5cc9c325aa0d02b5b3d031e4260c91476bb3454118a
GET /resized/size16/sfiles/logo_teams/240485.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 690
cache-control: max-age=94608000
expires: Wed, 07 Oct 2026 21:51:43 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="240485.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: cf19ddcff056641b485e376744bbf3e5
x-time-ng: 0.000
age: 5308038
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/dd70d5dabde5120c4977c9463e2be6c3.webp
200 OK 542 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/dd70d5dabde5120c4977c9463e2be6c3.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash e5450f242a54d556e3f23b8fb6a005a1
273efa7235cabab88eaddb47459c59351ad32cd2
7f5d5136a7a8825cc72e417b089e6adc1ed155c5bc0e510c36cd90df405157b3
GET /resized/size16/sfiles/logo_teams/dd70d5dabde5120c4977c9463e2be6c3.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 542
cache-control: max-age=94608000
expires: Tue, 13 Oct 2026 00:00:28 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="dd70d5dabde5120c4977c9463e2be6c3.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 79b28dca8351c428caa87c9ce1a510fd
x-time-ng: 0.000
age: 5038681
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8548.webp
200 OK 660 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/8548.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash d89609385e619b1b84b2770c9001c4ee
0de9c249edbc9b15c77b90a88a479a36c41e3e48
6e5564fc97695d04894ca4103881baf4bf2f8c25bcc4b65f16bebdf54eedcfc2
GET /resized/size16/sfiles/logo_teams/8548.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/webp
content-length: 660
cache-control: max-age=94608000
expires: Mon, 05 Oct 2026 18:51:00 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8548.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 3c0912de2a9f78083b2f3dad3670c3ac
x-time-ng: 0.058
age: 5470793
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/63a7ea0e26fffc6437befeb6689b7ed1.webp
973 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/63a7ea0e26fffc6437befeb6689b7ed1.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 2b25d9b31652018abf967e4680623c90
2a95689d466e9eace9d4fc056862a978f39b8d2b
4b27bad2c25abfc36a779c808ec61e7e695444181ba789ede04c8c925041e6f6
GET /resized/size16/sfiles/logo_teams/63a7ea0e26fffc6437befeb6689b7ed1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/png
content-length: 973
cache-control: max-age=94608000
expires: Sat, 05 Sep 2026 17:07:47 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="63a7ea0e26fffc6437befeb6689b7ed1.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: aa72773ff8e7d8b441033f969cd9f79c
x-time-ng: 0.000
age: 8080204
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/8514.webp
835 B URL v3.traincdn.com/resized/size16/sfiles/logo_teams/8514.webp
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4bf38f9deeac48cdf77bf627af6d2b34
f941826207541b69114d511961fa07097693fb6c
50845757a5820ae8ac73411f83403b79bea868dddbaf977f50890279a4428a2a
GET /resized/size16/sfiles/logo_teams/8514.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/png
content-length: 835
cache-control: max-age=94608000
expires: Sat, 05 Sep 2026 14:00:50 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8514.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: b5c60565d5516f39ab6ce4e5e5c8a248
x-time-ng: 0.000
age: 8080203
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/58038034/_buildManifest.js
200 OK 1.3 kB URL GET HTTP/2 widget.suphelper.top/_next/static/58038034/_buildManifest.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (5468), with no line terminators
Hash 66cc4922f66dde640a0077b61f4c43c6
d307411cbc5a1fc7d34e087db7701e1716e87a0d
cb7a3b7b3bf216cbe5392754f680f2a673de9efa84a7997996141608a87aa1f5
GET /_next/static/58038034/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"1ad-18c49b4cc39"
vary: Accept-Encoding
cf-cache-status: HIT
age: 45219
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135afbb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-8a0623a2.js
200 OK 8.5 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-8a0623a2.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type ASCII text, with very long lines (38670), with no line terminators
Hash 8356a305684e38d4aae9345a7e069fed
510d321fc6e31113b2d26525cc2fdc8b147c5415
990292f5379062cb938ac072f76aa96cca5590615491365d07bb284ffc2817a7
GET /_nuxt/desktop/default/vendors/Registration.Fields-8a0623a2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: application/javascript; charset=utf-8
content-length: 8549
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-2165"
expires: Sat, 09 Dec 2023 13:27:18 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47021
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/genfiles/cms/1/mobile/shortcuts/icon-512x512.png
5.2 kB URL 1xlite-497172.top/genfiles/cms/1/mobile/shortcuts/icon-512x512.png
IP
ASN #202492 Silverhill Group Holding Ltd
File type PNG image data, 514 x 514, 8-bit colormap, non-interlaced\012- data
Hash b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1/mobile/shortcuts/icon-512x512.png HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/png
content-length: 5202
last-modified: Thu, 16 Nov 2023 13:34:54 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=ru&platform=2§ion=6&is_auth=false&limit=100
5.0 kB URL 1xlite-497172.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=ru&platform=2§ion=6&is_auth=false&limit=100
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (26403), with no line terminators
Hash 1a58d5e9c89b1790ab153fe23226e5a0
9e9a95fc9b7c1aef10f7b8e36a00016757a00db3
7d2f1fdb3ce4c9d415a51006b34d5c8c6d37c0bf558f01ec191b192a0f8b199e
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=ru&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=94, dt_total;dur=136.535, wf-uht;dur=0.173
x-dt: 285
x-time-ng: 0.116
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/api/converslon/load
37 kB URL 1xlite-497172.top/web-api/api/converslon/load
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , ASCII text, with very long lines (38555), with no line terminators
Hash 35de9696e58c17cb1424097c99fe6b66
52bf7be96d5c6fd9eb9bf88ca9c8af051ad7bbfa
6b3c7a42257b39671e5f88590e0d486fe0e72c35fe3da90ae3d8b9c147568468
GET /web-api/api/converslon/load HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:55 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=17, dt_total;dur=18.909, wf-uht;dur=0.043
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
200 OK 2.8 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10850), with no line terminators
Hash 8f0cb1a1cc6718f22349fd6e88c4a4d5
aa752110dca260351f372657ea522b11b960d953
3d210f82272c7d946d422481c8f6368369a87b83dff3ce4adcffdff63c47db28
GET /service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:56 GMT
content-type: application/json; charset=utf-8
content-length: 2767
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:56 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
64 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 63748, version 1.0\012- data
Hash 6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:56 GMT
content-type: font/woff2
content-length: 63748
cache-control: max-age=86400
etag: "6887b6f24414dbc612dbf42ccdc76b70"
expires: Sat, 09 Dec 2023 02:59:59 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 1857
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
65 kB URL v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 64732, version 1.0\012- data
Hash 3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:56 GMT
content-type: font/woff2
content-length: 64732
cache-control: max-age=86400
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
expires: Sat, 09 Dec 2023 02:45:55 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.003
age: 2701
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
200 OK 64 kB URL GET HTTP/2 v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 63920, version 1.0\012- data
Hash a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:56 GMT
content-type: font/woff2
content-length: 63920
cache-control: max-age=86400
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
expires: Sat, 09 Dec 2023 02:53:49 GMT
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-rgw-object-type: Normal
x-time-ng: 0.000
age: 2227
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
200 OK 8.7 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (42788), with no line terminators
Hash fe905ccce0fc3cfa3d1b41f1384f7243
d6f6b0af1ca1829369c332e38979d94af5c33622
8403de19d2ae1d941f93ef525d7c9a05f834315641f796b10f05021d0e6f927f
GET /service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:58 GMT
content-type: application/json; charset=utf-8
content-length: 8737
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:58 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/analytics-e5e486ba.js
1.6 kB URL v3.traincdn.com/_nuxt/desktop/default/analytics-e5e486ba.js
IP
File type ASCII text, with very long lines (4196), with no line terminators
Hash b106895a00b4028cf482eb3224a629ba
c106ccdb2039cf1ada4bfc824204e99845aab5e1
def0d36973a5227dfd68c719f0622e4f9f0efcdcdee5772f439fc8799591de9a
GET /_nuxt/desktop/default/analytics-e5e486ba.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:31:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 1555
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-613"
expires: Sat, 09 Dec 2023 08:40:26 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64234
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137
186 B URL 1xlite-497172.top/service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with no line terminators
Hash 6ee3818623d6e1a31ded54c5ac9882dc
2bb8befdaf714b53742fb742274bc3d7999b3d5c
2b128a30f83907cbd460b811cdcb557fd48e7d6b5bdcde3309c2931d02700336
GET /service-api/LiveFeed/WebGetTopChampsZip?gr=285&country=137 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:31:00 GMT
content-type: application/json; charset=utf-8
content-length: 186
cache-control: no-cache
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:31:00 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
95 kB URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
File type Unicode text, UTF-8 text, with very long lines (10691)
Hash 754360080e50cc64d3982852555df078
0679e66a1c9b720ee5d45324f557887431745e65
4019ccd1545a321b85356baf37735ce8ced3dee1ec91cc8b002225b6aa4558e7
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 09 Dec 2023 02:31:00 GMT
expires: Sat, 09 Dec 2023 02:31:00 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 94615
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
radar.cedexis.com/1/23802/radar.js
154 B URL radar.cedexis.com/1/23802/radar.js
IP
ASN #63911 NetActuate, Inc
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Sat, 09 Dec 2023 02:31:00 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1621860284/stub.js
Expires: Sat, 09 Dec 2023 02:41:00 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
radar.cedexis.com/1621860284/stub.js
271 B URL radar.cedexis.com/1621860284/stub.js
IP
ASN #63911 NetActuate, Inc
Hash cec7270f03f717f8feca31e994d894d6
470eb82c7e87dccb465562030ed6db7c1e2dd78c
40fceb327b96d3557153ea9feb76e426f85b52dda8fd6444e96134bc4ff5f594
GET /1621860284/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Sat, 09 Dec 2023 02:31:00 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 May 2021 12:50:45 GMT
Vary: Accept-Encoding
ETag: W/"60aba125-186"
Expires: Sat, 23 Dec 2023 02:31:00 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
1xlite-497172.top/service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true
200 OK 2.2 kB URL GET HTTP/2 1xlite-497172.top/service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6801), with no line terminators
Hash f358efd043f3e2d22942d8ce8734632a
12f9e88be0f1d709d679283565c44f308a45b815
fddb643302f1d08aaca3d37b00587fae31cc32290fd9f7248eea6761b12eef94
GET /service-api/LineFeed/GetSportsShortZip?country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160; _ga_7JGWL9SV66=GS1.1.1702089067.1.0.1702089067.60.0.0; _ga=GA1.1.1683659605.1702089067
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:31:00 GMT
content-type: application/json; charset=utf-8
content-length: 2160
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:31:00 GMT
vary: Accept-Encoding
x-time-ng: 0.066
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.074
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1683659605.1702089067>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=385113329
42 B URL www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1683659605.1702089067>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=385113329
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=1683659605.1702089067>m=45je3bt0v897130004&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=385113329 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 09 Dec 2023 02:31:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1702089066948&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1683659605.1702089067&ul=en-us&sr=1280x1024&_s=1&sid=1702089067&sct=1&seg=0&dl=https%3A%2F%2F1xlite-497172.top%2Fru%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D16006_30364_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D24925_251116_2_3_g81_%26r%3Dru&dt=%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%201xBet.%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B3%D0%B8%D1%8F%20%E1%90%89%201xlite-497172.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17220
0 B URL region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1702089066948&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1683659605.1702089067&ul=en-us&sr=1280x1024&_s=1&sid=1702089067&sct=1&seg=0&dl=https%3A%2F%2F1xlite-497172.top%2Fru%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D16006_30364_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D24925_251116_2_3_g81_%26r%3Dru&dt=%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%201xBet.%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B3%D0%B8%D1%8F%20%E1%90%89%201xlite-497172.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17220
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je3bt0v897130004&_p=1702089066948&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1683659605.1702089067&ul=en-us&sr=1280x1024&_s=1&sid=1702089067&sct=1&seg=0&dl=https%3A%2F%2F1xlite-497172.top%2Fru%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D16006_30364_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D24925_251116_2_3_g81_%26r%3Dru&dt=%D0%A1%D1%82%D0%B0%D0%B2%D0%BA%D0%B8%20%D0%BD%D0%B0%20%D1%81%D0%BF%D0%BE%D1%80%D1%82%20%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20-%20%D0%B1%D1%83%D0%BA%D0%BC%D0%B5%D0%BA%D0%B5%D1%80%D1%81%D0%BA%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%201xBet.%20%D0%9D%D0%BE%D1%80%D0%B2%D0%B5%D0%B3%D0%B8%D1%8F%20%E1%90%89%201xlite-497172.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=17220 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-497172.top
date: Sat, 09 Dec 2023 02:31:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
200 OK 2.8 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (10850), with no line terminators
Hash 8f0cb1a1cc6718f22349fd6e88c4a4d5
aa752110dca260351f372657ea522b11b960d953
3d210f82272c7d946d422481c8f6368369a87b83dff3ce4adcffdff63c47db28
GET /service-api/LiveFeed/GetSportsShortZip?gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160; _ga_7JGWL9SV66=GS1.1.1702089067.1.0.1702089067.60.0.0; _ga=GA1.1.1683659605.1702089067
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:31:01 GMT
content-type: application/json; charset=utf-8
content-length: 2767
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:56 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/GetTopGamesStatZip?antisports=66
2.2 kB URL 1xlite-497172.top/service-api/LiveFeed/GetTopGamesStatZip?antisports=66
IP
ASN #202492 Silverhill Group Holding Ltd
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (6156), with no line terminators
Hash 5ee6ff4ac52fd333ca63e5009031d763
858da39cdb67562d1fd0390849daee6df7696509
55943d47b83c2fc3dde415319bc3a7831dba5b3240fc2fa9376dd318b209b787
GET /service-api/LiveFeed/GetTopGamesStatZip?antisports=66 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160; _ga_7JGWL9SV66=GS1.1.1702089067.1.0.1702089067.60.0.0; _ga=GA1.1.1683659605.1702089067
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:31:01 GMT
content-type: application/json; charset=utf-8
content-length: 2223
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:31:01 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2
1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
200 OK 8.7 kB URL GET HTTP/2 1xlite-497172.top/service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (42788), with no line terminators
Hash fe905ccce0fc3cfa3d1b41f1384f7243
d6f6b0af1ca1829369c332e38979d94af5c33622
8403de19d2ae1d941f93ef525d7c9a05f834315641f796b10f05021d0e6f927f
GET /service-api/LiveFeed/Get1x2_VZip?count=20&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160; _ga_7JGWL9SV66=GS1.1.1702089067.1.0.1702089067.60.0.0; _ga=GA1.1.1683659605.1702089067
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:31:03 GMT
content-type: application/json; charset=utf-8
content-length: 8737
cache-control: public, max-age=5
content-encoding: br
last-modified: Sat, 09 Dec 2023 02:30:58 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
200 OK 108 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 108 kB (107844 bytes)
Hash 83680ce862de40c43fc92e04b1ad0a3d
67eb6762545f4e1fee446794f4738d0f0577b6b4
e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1372517
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4134af4b523-OSL
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/registration/fields
200 OK 53 kB URL POST HTTP/2 1xlite-497172.top/web-api/registration/fields
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with very long lines (53258), with no line terminators
Hash 53074f6d1726938c8e284d418d24d21f
bb657fe6592f60987976d74fe32a52f5650c47ca
e3fa38bc66ced0d487f8a2655f99bc985ab18cee62aecee635ef0225c5d23dd1
POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 19
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=97, dt_total;dur=98.993, wf-uht;dur=0.114
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.099
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/default/img/icons/pixels2.svg?v=1702089060
200 OK 90 B URL GET HTTP/2 1xlite-497172.top/web-api/default/img/icons/pixels2.svg?v=1702089060
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced\012- data
Hash e45f90dcbe718dea3476c4b69b501a4e
e9af26a93c467a77e4733ec537f4f5ce7a4ba089
a439dd8761d9fd4ff88e82e83200877703594491065880dbd4e59ddf4ce1b204
GET /web-api/default/img/icons/pixels2.svg?v=1702089060 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:53 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=14, dt_total;dur=15.332, wf-uht;dur=0.028
x-dt: 285
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/api/v3/bonuses/first-deposit
200 OK 161 B URL GET HTTP/2 1xlite-497172.top/web-api/api/v3/bonuses/first-deposit
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type troff or preprocessor input, ASCII text, with no line terminators
Hash cf5613a9a38c9b73a243ce1be564c9b5
fead50fc7e444cfe518a00aa23062eaf1b7074c3
2f88a24d355c6b1a9b12c18245d9a14adf5c6735cc5c985b9143467fa8a31c35
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:47 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=36, dt_total;dur=37.709, wf-uht;dur=0.053
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.037
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/external-api/config/getVideoAccessConfig
200 OK 24 kB URL GET HTTP/2 1xlite-497172.top/web-api/external-api/config/getVideoAccessConfig
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with very long lines (24122), with no line terminators
Hash cb0bc8eedc642fc591c0eef57e6c67e5
6c62aeececef0a5ff474bb21bf569ad8d48f6bd0
c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e
GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=24, dt_total;dur=38.686, wf-uht;dur=0.059
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.030
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
200 OK 3.8 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (3855), with no line terminators
Hash 7288e202ab8e4cf1b7f60eed709e0986
c10effeb29bf129a7c81688b9f3a7d5485272e87
56e695b4675b50d55a92f006109771a67da822050f5ae03fd2ad02c1a9565b58
GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1463639
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4134af0b523-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-7ced565f.js
200 OK 75 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-7ced565f.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/desktop/default/vendors/conversion-7ced565f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:55 GMT
content-type: application/javascript; charset=utf-8
content-length: 25770
cache-control: max-age=86400
content-encoding: gzip
etag: "6573016a-64aa"
expires: Sat, 09 Dec 2023 13:27:51 GMT
last-modified: Fri, 08 Dec 2023 11:43:38 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 47017
accept-ranges: bytes
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6882.webp
200 OK 894 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6882.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0af83d4421fda2ba936e09076cf3b756
607f375ba8a2c4c4c2704fe4aa5ffd0691a18dd2
5dcce3ad0309c14c1aab0d01cf4ced75a3987037aac1a8840bb8d27ba4251ad4
GET /resized/size16/sfiles/logo_teams/6882.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 894
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 20:04:14 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6882.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 220d4983e7ab87d91c785ce2dfc0d049
x-time-ng: 0.093
age: 9786395
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/
200 OK 454 kB IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
Size 454 kB (453877 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8329d411aa8fb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/_nuxt/desktop/default/commons/app-7f8c7237.js
200 OK 136 kB URL GET HTTP/2 v3.traincdn.com/_nuxt/desktop/default/commons/app-7f8c7237.js
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size 136 kB (135705 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /_nuxt/desktop/default/commons/app-7f8c7237.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 46098
cache-control: max-age=86400
content-encoding: gzip
etag: "6572cf4f-b412"
expires: Sat, 09 Dec 2023 08:40:33 GMT
last-modified: Fri, 08 Dec 2023 08:09:51 GMT
server: nginx
access-control-allow-origin: *
strict-transport-security: max-age=15724800; includeSubDomains
age: 64233
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/mobile
200 OK 821 B URL POST HTTP/2 1xlite-497172.top/web-api/mobile
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type troff or preprocessor input, ASCII text, with very long lines (853), with no line terminators
Hash e920984466278060c1b63c318ec46555
d7eb38d7a0eeb0798d7b3122b6941fbf207968bf
4e8f945cc7ea4dffee11e81ad24c74bd0ee45e4ce7e5913b9e8cb9ed7061dedc
POST /web-api/mobile HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=23, dt_total;dur=62.927, wf-uht;dur=0.072
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.044
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/302153.webp
200 OK 682 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/302153.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type RIFF (little-endian) data, Web/P image\012- data
Hash cf7ae33adff1cf3b57ec0fe5e2739f84
7dad8cf7d10fd90201599fbdc2aff7f2340c1964
352e52741e48afb8ed18c38e31dde836ae4960f7f3b6754269d08d48fddd2551
GET /resized/size16/sfiles/logo_teams/302153.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:52 GMT
content-type: image/webp
content-length: 682
cache-control: max-age=94608000
expires: Fri, 18 Sep 2026 00:17:51 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="302153.webp"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 86c1d941328f02c9e53956698bd2c81d
x-time-ng: 0.000
age: 7006610
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/58038034/_middlewareManifest.js
200 OK 92 B URL GET HTTP/2 widget.suphelper.top/_next/static/58038034/_middlewareManifest.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with no line terminators
Hash 7c3f7e060745668041278118c0bb3d6d
e639f56695b3cc30d78dce7a0084aa8299a1311a
de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a
GET /_next/static/58038034/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"5c-18c49b4cc39"
vary: Accept-Encoding
cf-cache-status: HIT
age: 45219
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4136affb523-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size14/sfiles/logo_teams/8496.webp
200 OK 757 B URL GET HTTP/2 v3.traincdn.com/resized/size14/sfiles/logo_teams/8496.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 14 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash d7ec68c18265f64b7773a0494f7c34a7
514d8801002208c213170c6ca8be733301cad596
5c7da84c61dc09fd61ade985ca5f44e7ff604e1b07cdc89407b1d22deec60463
GET /resized/size14/sfiles/logo_teams/8496.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:51 GMT
content-type: image/png
content-length: 757
cache-control: max-age=94608000
expires: Sat, 05 Sep 2026 13:41:27 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="8496.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 86965b016690723e95eae799a38d4211
x-time-ng: 0.000
age: 8081364
accept-ranges: bytes
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/pages/index-7e93487155d858a0.js
200 OK 111 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/pages/index-7e93487155d858a0.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Size 111 kB (110955 bytes)
Hash a1d1ad1a7badceac5e867b511a04ed07
6f8363a6f2b9887abee77e90f25be0d370149299
58a1cd1fd18ffaf7dca0a434913e2497cbc6c8da2769e04e228d23d3bff5be4e
GET /_next/static/chunks/pages/index-7e93487155d858a0.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Fri, 08 Dec 2023 13:53:54 GMT
etag: W/"1b16b-18c49b4cc39"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 45219
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135af9b523-OSL
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/session
204 No Content 0 B URL GET HTTP/2 1xlite-497172.top/web-api/session
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /web-api/session HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 204 No Content
server: nginx
date: Sat, 09 Dec 2023 02:30:55 GMT
cache-control: no-cache, private
server-timing: p;dur=19, dt_total;dur=26.175, wf-uht;dur=0.039
x-dt: 285
x-time-ng: 0.025
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
widget.suphelper.top/_next/static/chunks/0c294a17-47e02e0897fc1e03.js
200 OK 9.8 kB URL GET HTTP/2 widget.suphelper.top/_next/static/chunks/0c294a17-47e02e0897fc1e03.js
IP
Requested by https://widget.suphelper.top/
Certificate IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint1C:D4:4C:1C:DB:7D:59:7D:EE:39:59:B9:F7:76:9F:87:4C:EA:5E:01
ValidityWed, 29 Nov 2023 10:21:51 GMT - Tue, 27 Feb 2024 10:21:50 GMT
File type troff or preprocessor input, ASCII text, with very long lines (10375), with no line terminators
Hash bd7ec2af6a070c99fb7714f553485d57
dd8f253197efd1b7e134a8264f23cebd93d3645d
08cba9072ecc88e4a67bba8f4a4ad54425db95d75dba53fc34531ccb8a91729e
GET /_next/static/chunks/0c294a17-47e02e0897fc1e03.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:50 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"266f-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 1015979
expires: Sun, 08 Dec 2024 02:30:50 GMT
server: cloudflare
cf-ray: 8329d4135af6b523-OSL
X-Firefox-Spdy: h2
v3.traincdn.com/resized/size16/sfiles/logo_teams/6908.webp
200 OK 552 B URL GET HTTP/2 v3.traincdn.com/resized/size16/sfiles/logo_teams/6908.webp
IP
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 03cbecdfa77bf08ec5e26b88e7efbd20
cf398aeac786fc43dc7532d61af3fdd8d586b9ca
51a032b5b725c6b8d12f7f83245a0aad5eae0d4803a79b69bab11859bfc38868
GET /resized/size16/sfiles/logo_teams/6908.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-497172.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Sat, 09 Dec 2023 02:30:48 GMT
content-type: image/png
content-length: 552
cache-control: max-age=94608000
expires: Sun, 16 Aug 2026 20:10:20 GMT
server: nginx
access-control-allow-origin: *
content-disposition: inline; filename="6908.png"
content-security-policy: script-src 'none'
strict-transport-security: max-age=15724800; includeSubDomains
x-request-id: 961686eb6a3c436a2cd09be0025f6a0e
x-time-ng: 0.061
age: 9786692
accept-ranges: bytes
X-Firefox-Spdy: h2
1xlite-497172.top/web-api/q/4d4j0j024d1j6h2dd939b0ed386cf60be41f649986c2148c4c41
200 OK 2 B URL POST HTTP/2 1xlite-497172.top/web-api/q/4d4j0j024d1j6h2dd939b0ed386cf60be41f649986c2148c4c41
IP
ASN #202492 Silverhill Group Holding Ltd
Requested by https://1xlite-497172.top/ru?tag=s_1558737m_355c_[]MS[]null[]null[]general[]16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
Certificate IssuerLet's Encrypt
Subject1xlite-497172.top
Fingerprint67:A4:CD:5E:7F:7F:FC:63:37:86:E5:62:B0:A8:A3:D7:B4:9C:77:FA
ValidityThu, 02 Nov 2023 05:19:19 GMT - Wed, 31 Jan 2024 05:19:18 GMT
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /web-api/q/4d4j0j024d1j6h2dd939b0ed386cf60be41f649986c2148c4c41 HTTP/1.1
Host: 1xlite-497172.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-497172.top/ru?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=24925_251116_2_3_g81_&r=ru
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 32412
Origin: https://1xlite-497172.top
DNT: 1
Connection: keep-alive
Cookie: platform_type=desktop; lng=ru; cookies_agree_type=3; tzo=1; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D16006_30364_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2224925_251116_2_3_g81_%22%2C%22r%22%3A%22ru%22%7D; auid=sv0YVWVz0VQP+MTSAxY0Ag==; SESSION=6143035829f7916626520aaf92b5604a; window_width=1280; che_g=cbfe998c-8e83-bd24-8852-d5d33cb4408d; _glhf=1702106824; sh.session.id=6459d83f-f917-4839-9779-7e4f61190354; ggru=160
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Sat, 09 Dec 2023 02:30:57 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=22, dt_total;dur=23.000, wf-uht;dur=0.043
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.023
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
178.253.24.85
142.250.74.163
0.0.0.0