lite-1x500621.top Open in urlscan Pro
178.253.14.144 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://0220.ga/s/
Effective URL:
https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
Submission: On November 23 via manual (November 23rd 2022, 7:02:13 am UTC) from LB — Scanned from DE

Summary HTTP 76 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 3 countries across 11 domains to perform 76 HTTP transactions. The main IP is 178.253.14.144, located in Iran, Islamic Republic Of and belongs to SGHL1-AS, NL. The main domain is lite-1x500621.top.
TLS certificate: Issued by R3 on September 8th 2022. Valid for: 3 months.

This is the only time lite-1x500621.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2606:4700:303... 2606:4700:3035::6815:29b4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	178.253.14.29 178.253.14.29	202492 (SGHL1-AS) (SGHL1-AS)
1 1	178.253.47.23 178.253.47.23	202492 (SGHL1-AS) (SGHL1-AS)
1 49	178.253.14.144 178.253.14.144	202492 (SGHL1-AS) (SGHL1-AS)
10	8.238.191.122 8.238.191.122	3356 (LEVEL3) (LEVEL3)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	35.241.57.45 35.241.57.45	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	() ()
76	11

4 2606:4700:3035::6815:29b4 (United States)

ASN13335 (CLOUDFLARENET, US)

0220.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.14.29 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, NL)

refpa53115.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.47.23 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, NL)

1x-xredbet002400.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

49 178.253.14.144 (Iran, Islamic Republic Of) 1 redirects

ASN202492 (SGHL1-AS, NL)

lite-1x500621.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 8.238.191.122 (United States)

ASN3356 (LEVEL3, US)

v3.cdnsfree.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.57.45 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 45.57.241.35.bc.googleusercontent.com

radar.cedexis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	lite-1x500621.top 1 redirects lite-1x500621.top	112 KB
10	cdnsfree.com v3.cdnsfree.com — Cisco Umbrella Rank: 164343	1 MB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36 region1.google-analytics.com — Cisco Umbrella Rank: 2536	64 KB
4	0220.ga 0220.ga	11 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 53	123 KB
1	doubleclick.net stats.g.doubleclick.net	440 B
1	cedexis.com radar.cedexis.com — Cisco Umbrella Rank: 2858	19 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43	2 KB
1	1x-xredbet002400.top 1 redirects 1x-xredbet002400.top — Cisco Umbrella Rank: 137283	392 B
1	refpa53115.top 1 redirects refpa53115.top — Cisco Umbrella Rank: 657429	196 B
76	11

	Domain	Requested by
49	lite-1x500621.top	1 redirects 0220.ga v3.cdnsfree.com
10	v3.cdnsfree.com	lite-1x500621.top v3.cdnsfree.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	0220.ga	0220.ga
3	www.googletagmanager.com	v3.cdnsfree.com www.googletagmanager.com
2	region1.google-analytics.com	www.googletagmanager.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	radar.cedexis.com	v3.cdnsfree.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	lite-1x500621.top
1	1x-xredbet002400.top	1 redirects
1	refpa53115.top	1 redirects
76	12

This site contains no links.

Subject Issuer	Validity	Valid
*.0220.ga GTS CA 1P5	`2022-11-10` - `2023-02-08`	3 months	crt.sh
*.lite-1x500621.top R3	`2022-09-08` - `2022-12-07`	3 months	crt.sh
*.cdnsfree.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-27` - `2023-06-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
radar.cedexis.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
Frame ID: A79B993FB719BE49F76936E923CAFA16
Requests: 76 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

1XBET.COM Buchmacher. Hohe Quoten. 24-Stunden Kundendienst

Page URL History Show full URLs

https://0220.ga/s/ Page URL
https://refpa53115.top/L?tag=d_706649m_97c_sms_all&site=706649&ad=97&r=office/bonuses/ HTTP 303
https://1x-xredbet002400.top/office/bonuses/?tag=d_706649m_97c_sms_all HTTP 307
https://lite-1x500621.top/office/bonuses/?tag=d_706649m_97c_sms_all HTTP 302
https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all Page URL

Detected technologies

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

76
Requests

99 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

1768 kB
Transfer

7292 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://0220.ga/s/ Page URL
https://refpa53115.top/L?tag=d_706649m_97c_sms_all&site=706649&ad=97&r=office/bonuses/ HTTP 303
https://1x-xredbet002400.top/office/bonuses/?tag=d_706649m_97c_sms_all HTTP 307
https://lite-1x500621.top/office/bonuses/?tag=d_706649m_97c_sms_all HTTP 302
https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

76 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
0220.ga/s/ 345 B
679 B 389ms
111ms Document
text/html 2606:4700:3035::6815:29b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0220.ga/s/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 048109731a12bfb0674cb64f273963ce383b18a55c9f6c53ac9b5c56bc1648ba

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 76e809a47c189171-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 07:02:09 GMT
last-modified: Fri, 12 Jun 2020 09:57:05 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJ7EuwYt0GBu4QiiQ1nbXccH1GsCqVCH2R%2BZR6q9difJsKZ75d5U5bt%2FSe3TUeFRlPESSZqUKkUggf8Jx%2FFNZQQIBsTp5oke9%2BA7THe5jIiiNtJOK%2BXWo7WWo388dvrbUXfs1phf"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 rocket-loader.min.js Show response
0220.ga/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 18ms
18ms Script
application/javascript 2606:4700:3035::6815:29b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://0220.ga/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: 0220.ga
URL: https://0220.ga/s/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::6815:29b4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0220.ga/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 21 Nov 2022 12:02:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"637b68ca-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AZ%2BWbnKfBl0AeZn0wIAUe3PCzuABylw37YxI3QyIXS3fc0OuiZ%2FwoeKWFRirscAEMI%2FD4iLJnfUkAcYfxGuYZjHJFvjJjhn%2BftGD4%2Frq%2FztvKZCNgAkmNnAVf66w64bPlE4TQz7U"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 76e809a5cf129171-FRA
expires: Fri, 25 Nov 2022 07:02:09 GMT

GET
H2 200 api.js Show response
0220.ga/s/1x_dom/ 689 B
786 B 33ms
33ms Script
application/javascript 2606:4700:3035::6815:29b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0220.ga/s/1x_dom/api.js
Requested by: Host: 0220.ga
URL: https://0220.ga/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5bfe7acb21ff40f604552f0a5b197fcca669f84c4d02b58cf29301e8eb0fc5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0220.ga/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 142593
cf-polished: origSize=1094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 23 Oct 2020 11:28:51 GMT
server: cloudflare
etag: W/"5f92be73-446"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n%2FCfESvlX86xL1%2Bqkrs0UrDIM14rPr8xlU5aUKaxNdeIA6Sn0w4w7%2BUIhHb0UdZRFaMeaMV5AGzFeg4VK1GW0ajG6PkuQXBO%2B914hynUbjgDBhR59Tv0qT9XefvFYmFP9sqtpVay"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
cf-ray: 76e809a5ff7d9171-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 api.php
0220.ga/s/1x_dom/ 31 KB
6 KB 69ms
69ms XHR
text/html 2606:4700:3035::6815:29b4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0220.ga/s/1x_dom/api.php
Requested by: Host: 0220.ga
URL: https://0220.ga/s/1x_dom/api.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:29b4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0220.ga/s/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gR6hLZvtTVu0KOnrK0BhydPgNuLZ5k4kK%2B%2FlQkcU%2Bmao1x9DW22wSIRm%2F7vX89PBFE9HZPWtHKt5tpaFjUlpZPT6DNS9AmqlrdsSLa6mdVj0ye4w25SgIx4sZ97HszBSDMQlbM4"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 76e809a62ff69171-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request bonuses Show response
lite-1x500621.top/de/office/
Redirect Chain

https://refpa53115.top/L?tag=d_706649m_97c_sms_all&site=706649&ad=97&r=office/bonuses/
https://1x-xredbet002400.top/office/bonuses/?tag=d_706649m_97c_sms_all
https://lite-1x500621.top/office/bonuses/?tag=d_706649m_97c_sms_all
https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

5 KB
2 KB

57ms
56ms

Document
text/html

178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Requested by

Host: 0220.ga
URL: https://0220.ga/s/1x_dom/api.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

d2b5135ec4d2c10275a6846c7e2ca3202cb9901ccc7cc72a4c03e4c9d18a68a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://0220.ga/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Nov 2022 07:02:10 GMT
server: nginx
server-timing: total;dur=1;desc="Nuxt Server Time" dt_285;dur=2
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN

Redirect headers

date: Wed, 23 Nov 2022 07:02:10 GMT
location: /de/office/bonuses?tag=d_706649m_97c_sms_all
reason-v3: empty_lang
server: nginx
server-timing: total;dur=0;desc="Nuxt Server Time" dt_285;dur=2
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H2 200 version.json
v3.cdnsfree.com/ 11 B
360 B 335ms
16ms Other
application/json 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/version.json

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

c23f935153892f2662853d18637cc19852cc482cd9217c7d88f770f12ce52e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lite-1x500621.top/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 09:03:32 GMT
server: nginx
age: 20
etag: "637c9064-2c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, s-maxage=60
accept-ranges: bytes
content-length: 44
expires: Wed, 23 Nov 2022 07:02:50 GMT

GET
H2 200 css2
fonts.googleapis.com/ 40 KB
2 KB 64ms
26ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

baf35ed1e4c5ce9b641a6bcf926cceeee1c5e9a6685a8a796976676daf0ad16e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 05:07:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Nov 2022 07:02:10 GMT

GET
H2 200 b5b0f598.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 17 KB
7 KB 335ms
17ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/b5b0f598.modern.js

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

2c2ea262143e5a9045397f0d59e94ea4dd723146c5512753ead482dd0a830550

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lite-1x500621.top/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78323
etag: "637c8dd9-19ad"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 6573
expires: Wed, 23 Nov 2022 09:17:02 GMT

GET
H2 200 3408befd.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 278 KB
92 KB 336ms
18ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

e078a7e402d29ad9e9ce54d3fd54133807c2ce1128707a340a49c207613a60f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lite-1x500621.top/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78323
etag: "637c8dd9-16cee"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 93422
expires: Wed, 23 Nov 2022 09:17:04 GMT

GET
H2 200 76223bc7.css
v3.cdnsfree.com/_nuxt/desktop/default/css/ 400 KB
48 KB 337ms
19ms Stylesheet
text/css 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/css/76223bc7.css

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

23e384ad5e338da386748ce08ad798f3b732a7e0563e9889e3d310d33c19c5a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:57:36 GMT
server: nginx
age: 58152
etag: "637c8f00-bd36"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 48438
expires: Wed, 23 Nov 2022 14:53:00 GMT

GET
H2 200 89637565.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 3 MB
643 KB 372ms
53ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/89637565.modern.js

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

44956f38f015f0b02be8c96612246b0dfe8e97765024053faafecea325d32cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lite-1x500621.top/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78323
etag: "637c8dd9-a061d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 656925
expires: Wed, 23 Nov 2022 09:17:01 GMT

GET
H2 200 1b9a7709.css
v3.cdnsfree.com/_nuxt/desktop/default/css/ 700 KB
82 KB 348ms
30ms Stylesheet
text/css 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/css/1b9a7709.css

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

8a2d9ac95a919f3935dbf53d01a07b8ed975c34e19bb61bf34b361d503a52e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78323
etag: "637c8dd9-146a9"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 83625
expires: Wed, 23 Nov 2022 09:16:55 GMT

GET
H2 200 a3cebb14.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 2 MB
518 KB 336ms
18ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/a3cebb14.modern.js

Requested by

Host: lite-1x500621.top
URL: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

c2b9151fd74fe85a7943b70a659879b430233456286e9b31de0810015876f10d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://lite-1x500621.top/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78322
etag: "637c8dd9-815d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 529872
expires: Wed, 23 Nov 2022 09:17:02 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 54ms
15ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Righteous&family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://lite-1x500621.top
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Thu, 17 Nov 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 472795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Nov 2023 19:42:15 GMT

GET
H2 200 settings.json Show response
lite-1x500621.top/genfiles/cms/maintenance_mode/ 145 B
411 B 41ms
40ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/maintenance_mode/settings.json?timestamp=1669186930914

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/a3cebb14.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:10 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 07:57:48 GMT
server: nginx
etag: "55385fdddab661013ad8f678cd75ac88"
content-type: application/json
x-rgw-object-type: Normal
cache-control: public,max-age=60,s-maxage=60
accept-ranges: bytes
content-length: 145

GET
H2 200 pwa Show response
lite-1x500621.top/ 15 B
225 B 403ms
403ms Fetch
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/pwa

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/a3cebb14.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
etag: W/"f-65jex68GXYCho925nLPjwJGaqFI"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
server-timing: dt_285;dur=360
content-length: 15

GET
H2 200 getLangs Show response
lite-1x500621.top/frontend-api/site-conf/ 4 KB
2 KB 45ms
45ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/frontend-api/site-conf/getLangs

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

5e91ae1750f9b11a9683b19eea192f67ffffc9e0c9ef7cd2385bb7032a82b770

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:11 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
etag: W/"1071-dca+6usly0QXbPivAH1hm0tED2k"
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H2 200 actualDomain Show response
lite-1x500621.top/web-api/api/web/v1/config/ 296 B
615 B 722ms
721ms XHR
application/vnd.api+json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/api/web/v1/config/actualDomain

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ccd6a84bbfeb21fadfca7e9e897dcccc7ab5b78233efec099c033941ce8ba08a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
cache-control: no-cache, private
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
server-timing: p;dur=35, dt_285;dur=551
content-type: application/vnd.api+json

POST
H2 200 all Show response
lite-1x500621.top/web-api/external-api/config/ 37 KB
9 KB 174ms
173ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/external-api/config/all

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

98fc08a893e6c6ec0f82ec6b5d1a6b9179d3feeefeb8642c8c0a6391bdf5ec25

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
server-timing: p;dur=93, dt_285;dur=94

GET
H2 200 GetSports Show response
lite-1x500621.top/service-api/DbService/LongCache/ 10 KB
4 KB 54ms
54ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/service-api/DbService/LongCache/GetSports?lng=de

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

5c55a99708e5b25c79529eac5c9c2f741e91d9acf779c94d5f08bf9183394b8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: public,max-age=1800
content-length: 3684

GET
H2 400 check Show response
lite-1x500621.top/web-api/api/internal/v1/blocks/ 16 KB
17 KB 137ms
137ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/api/internal/v1/blocks/check

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

47384946e1ff4b8745fe6a4c9fd88b708cbfdf0c4da0c573e6199cacbdb9a460

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
cache-control: no-cache, private
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-block: 18
server: nginx
server-timing: dt_285;dur=57
content-type: application/json

GET
H2 200 user Show response
lite-1x500621.top/web-api/api/internal/v1/sessions/ 16 B
258 B 110ms
109ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/api/internal/v1/sessions/user

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
server-timing: p;dur=36, dt_285;dur=38

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 112 KB
44 KB 62ms
24ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-178408567-1

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/89637565.modern.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8036849d65bcb46f39822bf834c190ee7abb2dc3806bd8327997905bccc52c9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44661
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 07:02:12 GMT

GET
H2 200 radar.js Show response
radar.cedexis.com/1593429750/ 44 KB
19 KB 67ms
20ms Script
application/javascript 35.241.57.45
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://radar.cedexis.com/1593429750/radar.js
Requested by: Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/89637565.modern.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.57.45 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 45.57.241.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
via: 1.1 google
last-modified: Mon, 29 Jun 2020 11:30:33 GMT
server: nginx
etag: W/"5ef9d0d9-af5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=1209600, public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 07 Dec 2022 07:02:12 GMT

GET
H2 200 version.json Show response
lite-1x500621.top/ 11 B
359 B 53ms
53ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/version.json?timestamp=1669186932663

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c23f935153892f2662853d18637cc19852cc482cd9217c7d88f770f12ce52e5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 09:03:32 GMT
server: nginx
etag: "637c9064-2c"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
content-length: 44
expires: Wed, 23 Nov 2022 07:03:12 GMT

GET
H2 200 284d55af.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 2 KB
1 KB 18ms
18ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/284d55af.modern.js

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/b5b0f598.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

78148a7a7c8acc9d4b2a1d700f6bb71588e9caa0f88c382c302eaa96a75e3929

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78315
etag: "637c8dd9-43b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 1083
expires: Wed, 23 Nov 2022 09:17:09 GMT

GET
H2 200 metadata Show response
lite-1x500621.top/web-api/external-api/seo/ 213 B
404 B 145ms
145ms XHR
application/vnd.api+json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/external-api/seo/metadata?url=https:%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses&geo=53&language=de

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

07cdbe1e59119250771a8773362671c109b87f43a622c29d53dd35afeab16b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*, application/vnd.api+json
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
cache-control: max-age=300, private
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
server-timing: p;dur=84, dt_285;dur=86
content-type: application/vnd.api+json

GET
H2 200 canonical Show response
lite-1x500621.top/web-api/external-api/seo/links/ 122 B
314 B 199ms
199ms XHR
application/vnd.api+json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/external-api/seo/links/canonical?url=https:%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

8171f4620bee17bbf5859fc151a0913b9e89b9d83607d827ad74783744598b1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*, application/vnd.api+json
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
cache-control: max-age=300, private
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
server-timing: p;dur=103, dt_285;dur=104
content-type: application/vnd.api+json

GET
H2 200 load Show response
lite-1x500621.top/web-api/api/converslon/ 7 KB
2 KB 104ms
104ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/web-api/api/converslon/load

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

90c942afe21c8fc79c0037596d431cd83cec539ea291cd2a0eafc319701701e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
content-type: application/json
cache-control: no-cache, private
server-timing: p;dur=30, dt_285;dur=34

GET
H2 200 de Show response
lite-1x500621.top/translation-api/by-lang/ 6 KB
6 KB 68ms
68ms XHR
application/vnd.api+json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/translation-api/by-lang/de

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

26168118e47a2f33ea8a4b095f9a3ab8439df26246c52aa2c14cd6412a2ff788

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/vnd.api+json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization

GET
H2 200 / Show response
lite-1x500621.top/checker/redirect/stat/run/ 14 B
230 B 92ms
92ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/checker/redirect/stat/run/

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: private
content-length: 49

GET
H2 200 dictionary_03925941b7a29aa427e971fbca5f12ff.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_main/de/ 55 KB
19 KB 36ms
35ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_main/de/dictionary_03925941b7a29aa427e971fbca5f12ff.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

7cfd2277e83ddc360442d2412638ec407c005c60d03414c2b799d55e0aca7d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:39 GMT
server: nginx
etag: W/"af6402fa6b85f8a622c1912c5315be22"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_17a130db5d1a3d4718e8541e3724f829.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_coupon/de/ 15 KB
5 KB 52ms
52ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_coupon/de/dictionary_17a130db5d1a3d4718e8541e3724f829.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ba35a33dafed0e7440e7f30c9d6c390a168d44123066c6ced416168317d38715

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:40 GMT
server: nginx
etag: W/"2bd7a17abb413bc95222d2022fb89cd7"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_68ae50ff6eb2055109747c636c25c5ad.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_game/de/ 14 KB
5 KB 40ms
40ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_game/de/dictionary_68ae50ff6eb2055109747c636c25c5ad.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

19805a3cb96449b4eee9861385bbd671fdaa5083cf5deafb14aa850e265f2979

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:40 GMT
server: nginx
etag: W/"f7b989e4a5e38550f46ed58f5cfefc05"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_a8458f368dbf5f09df866bd0248a86e3.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_auth/de/ 7 KB
4 KB 29ms
29ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_auth/de/dictionary_a8458f368dbf5f09df866bd0248a86e3.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

3aeb2e6e6a577890aed99e4513a6b9d7aea62fdabeca6c3cd08596868d73b2b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:41 GMT
server: nginx
etag: W/"78d27fc6ee56994807312fff41294e2d"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_e38b2e56a627441c8bec554bbc11e3ac.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_registration/de/ 6 KB
3 KB 40ms
40ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_registration/de/dictionary_e38b2e56a627441c8bec554bbc11e3ac.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ee094fc8f7b08dcf1c1f70b58026fdb70435ab4ba70defebba6e138df15b7b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:44 GMT
server: nginx
etag: W/"a5dd04cd2df36f1666b78742ed30729a"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_9e6f683da01ed8fab093808f87685773.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_express_day/de/ 430 B
696 B 41ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_express_day/de/dictionary_9e6f683da01ed8fab093808f87685773.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

42588f2c9b657973bdcb78026a701f73d057fc42e305382b5c2473093b488c06

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:54 GMT
server: nginx
etag: "98b2b17738689f8840324fb7a9ada753"
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 430

GET
H2 200 dictionary_36ef70af0bc1bc84a03f45490d8b858f.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_forgot_password/de/ 3 KB
1 KB 42ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_forgot_password/de/dictionary_36ef70af0bc1bc84a03f45490d8b858f.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

193484985e3c0c2b29e1ba992c72f0b6c0dcfe679f2ccffb5bd5c2d0d2d5ef7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:44 GMT
server: nginx
etag: W/"5750806e59a1062a408247ec4c26dd84"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000

GET
H2 200 dictionary_8290a321ce05517bac5963ed76e2d0a8.json Show response
lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_block_pages/de/ 652 B
918 B 43ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/web-app-v2/dictionary2/v3_block_pages/de/dictionary_8290a321ce05517bac5963ed76e2d0a8.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

15564c5d7d5f3b30c202aae5a9d40bd67f4e6d624172e744668365a22d27f9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 17:37:47 GMT
server: nginx
etag: "9e913ddfca4bcf9b7533a78eabd4d650"
content-type: application/json; charset=utf-8
x-rgw-object-type: Normal
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 652

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
79 KB 68ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178408567-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3d95c39fcdb7ea59b4cc8410d4ce07a8de20b23041a73a482287e8914c97e9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80580
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 23 Nov 2022 07:02:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 56ms
16ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-178408567-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 23 Nov 2022 05:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6378
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 23 Nov 2022 07:15:54 GMT

GET
H2 200 369a9baa.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 13 KB
6 KB 17ms
16ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/369a9baa.modern.js

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/b5b0f598.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

7478a15bc2ad3eb0a0fd7e9936e299294033b0a0b57e4f178decd0d467ae2b77

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78314
etag: "637c8dd9-14f9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 5369
expires: Wed, 23 Nov 2022 09:17:27 GMT

GET
H2 200 6272cce6.modern.js Show response
v3.cdnsfree.com/_nuxt/desktop/default/ 74 KB
26 KB 16ms
16ms Script
application/javascript 8.238.191.122
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL

https://v3.cdnsfree.com/_nuxt/desktop/default/6272cce6.modern.js

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/b5b0f598.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

8.238.191.122 , United States, ASN3356 (LEVEL3, US),

Reverse DNS

Software

nginx /

Resource Hash

1caa3ddfbd6c1a678916ce03ab098d85e0db82a38785ce3e5e34ca23421345c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 08:52:41 GMT
server: nginx
age: 78313
etag: "637c8dd9-65ff"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
accept-ranges: bytes
content-length: 26111
expires: Wed, 23 Nov 2022 09:17:27 GMT

GET
H2 200 285 Show response
lite-1x500621.top/media-api/external/v1/actual-list/ 6 KB
2 KB 91ms
91ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/media-api/external/v1/actual-list/285

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

56bf2e2ee17ee1d7e0867499cd7b9fee3144eacb1d5a4956d1f33eed2f0e52b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, PATCH, DELETE
content-type: application/json
access-control-allow-origin: https://gitlab.xbet.lan,https://doc.office.lan
server-timing: dt_285;dur=1

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 110 KB
43 KB 56ms
24ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-5R4MT54&t=gtag_UA_178408567_1&cid=238920388.1669186933

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f9f35ce72cf40d8488c4e6bb3c81338f2b70a1393336d5e16f29010f39e039f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44111
x-xss-protection: 0
last-modified: Wed, 23 Nov 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 23 Nov 2022 07:02:12 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 63ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-5671CMJ6T4&gtm=2oeb90&_p=572833845&cid=238920388.1669186933&ul=en-us&sr=1600x1200&_s=1&sid=1669186932&sct=1&seg=0&dl=https%3A%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses%3Ftag%3Dd_706649m_97c_sms_all&dr=https%3A%2F%2F0220.ga%2F&dt=1XBET.COM%20Buchmacher.%20Hohe%20Quoten.%2024-Stunden%20Kundendienst&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 07:02:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lite-1x500621.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 60ms
23ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=2oeb90&_p=572833845&cid=238920388.1669186933&ul=en-us&sr=1600x1200&_s=1&sid=1669186932&sct=1&seg=0&dl=https%3A%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses%3Ftag%3Dd_706649m_97c_sms_all&dr=https%3A%2F%2F0220.ga%2F&dt=1XBET.COM%20Buchmacher.%20Hohe%20Quoten.%2024-Stunden%20Kundendienst&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 07:02:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lite-1x500621.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bf43d000ee6a2f880414c6d30fa65f16.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 213 B
501 B 42ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/bf43d000ee6a2f880414c6d30fa65f16.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e6b0a1eae34b4482b88f3861bd7832121426684306b132f1fc8bd10f1f3b7fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:10:08 GMT
server: nginx
etag: "02004c1d6a262d9e925a5985f6817527"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 213

GET
H2 200 43ed679657f7ef878048e72748abf88f.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 613 B
902 B 41ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/43ed679657f7ef878048e72748abf88f.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c7968174d92e899f14b40cb58bdf50f76686ece76742b1b20ee5b3a14cd8c3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:08:39 GMT
server: nginx
etag: "f4d88b39a2987ea36d5821d9b5cf0bc3"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 613

GET
H2 200 70494f5df0c0a827f1f586c2805b3679.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 15 KB
3 KB 43ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/70494f5df0c0a827f1f586c2805b3679.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

938af906f6e293fe2124f3224f57dff4b5a6fe1c34accd7cded466667b8cec34

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:07:31 GMT
server: nginx
etag: W/"cbe2ce664dbd0ca60f712a9f8d9dbe66"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET
H2 200 634b4f05af7138946e0dfe1e4d2e8071.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 236 B
524 B 42ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/634b4f05af7138946e0dfe1e4d2e8071.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

ff7c437fb6c163a91c39e822424e5ff52125ddee58283629211d9f5635377f2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:12:23 GMT
server: nginx
etag: "dc5291d1734e7e404df549e9e1362d42"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 236

GET
H2 200 f581f42d803f91beddba79915c1245b9.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 436 B
725 B 51ms
51ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/f581f42d803f91beddba79915c1245b9.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

10bcc57188ea877bc089bdfd16377f668f9619f5e51c611bdbbda1cae7749fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 09 Nov 2022 17:20:55 GMT
server: nginx
etag: "6d3e6624c6649571ba2e987a8da4a156"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 436

GET
H2 200 1c2d2e82e21ac66d679caa43b850b5c0.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 2 KB
796 B 28ms
28ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/1c2d2e82e21ac66d679caa43b850b5c0.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

c71347b1b7d64797d4862a6da6a75af5ff98027f72a3078d8f1bbb7de6033872

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:08:14 GMT
server: nginx
etag: W/"2f0ff2f509adb6cba560ee79be147629"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET
H2 200 ce09588991267216069e3c0dcdebaffa.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 442 B
731 B 52ms
51ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ce09588991267216069e3c0dcdebaffa.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

8da60f8a293eca79b4db46c1e22e9167a4920f198c0537cb56bda9707abb4e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:09:20 GMT
server: nginx
etag: "54c4965591cf536aa8edeb5916bf603c"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 442

GET
H2 200 22c183db3438ae09a17e9e4f9e9d3987.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 15 KB
3 KB 43ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/22c183db3438ae09a17e9e4f9e9d3987.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

f3ee7d511ae50f34d01caad9138e565e26230115ec75d7228c0ca918809349f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:10:31 GMT
server: nginx
etag: W/"29a9c36ce44c85f35239642207f6248f"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET
H2 200 07a3ca529c7238b39e6ea96c468392b9.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 16 KB
3 KB 40ms
40ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/07a3ca529c7238b39e6ea96c468392b9.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

5b577330d37bf6413a46ddbfd58b282c7eb556011ae0ada3d0497cf7438c28de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:11:06 GMT
server: nginx
etag: W/"f59c1e6281d7fde1046ba13d9ca87203"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET
H2 200 2a42eb36fdb4d96f7534daf1596f1926.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 222 B
511 B 42ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/2a42eb36fdb4d96f7534daf1596f1926.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

853daf13541ddaabf8001908ab6e97b27653cdc13799127e5fce90be4ea481c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:15:36 GMT
server: nginx
etag: "4e0e27377a1e5bcd5f6462f4689bb58e"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 222

GET
H2 200 727b0ccce8354acfbea779e199f20649.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 736 B
1 KB 42ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/727b0ccce8354acfbea779e199f20649.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

00006f177798ed80f9ed80c7a941c53a37f2f733bd17f3d6cdc867ee70295d86

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:11:35 GMT
server: nginx
etag: "0aa15e4adc729bb6900444913c1adc1b"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 736

GET
H2 200 8bfdb80ecd6af615b07fc65792d24ebd.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 674 B
962 B 42ms
42ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/8bfdb80ecd6af615b07fc65792d24ebd.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

4707e212ebfab3235c383a4090fd64c0cf6d79c23404eebd5254e349d47e0bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:16:12 GMT
server: nginx
etag: "0c65631a396882fbda3a21a481248060"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 674

GET
H2 200 365d74e1851896509d619107a7ca32f1.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 439 B
727 B 42ms
41ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/365d74e1851896509d619107a7ca32f1.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

1a40a44905a8c92ca47b055812ef89e99483e7bc0df35bd3aee7e20d491fbb2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 18 Oct 2022 16:16:49 GMT
server: nginx
etag: "0632e3160601fe2d12fa35e328986def"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 439

GET
H2 200 9ff29c5c1887a22d4ce1cedf1acfe66a.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 698 B
987 B 52ms
52ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/9ff29c5c1887a22d4ce1cedf1acfe66a.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

429df5feb6040614f975a362627a0088c84ef62b2f89bb3fb6e98fd82f3fcc41

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 19 Oct 2022 15:58:45 GMT
server: nginx
etag: "48a4ebb89730b25349ec152a0f637144"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 698

GET
H2 200 7978a8b66599d26d68428729789be98b.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 246 B
534 B 52ms
50ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/7978a8b66599d26d68428729789be98b.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

e79681e9239022fce629e8bb515ae86dd614376ac86375437a8839c1b93b765f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 21 Oct 2022 17:44:26 GMT
server: nginx
etag: "34a180be542fbc1e8c70272cac1ea38e"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 246

GET
H2 200 edac18cbfef73df3d45f25f145489294.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 466 B
755 B 42ms
40ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/edac18cbfef73df3d45f25f145489294.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

2a3544608adf937f8f2f05522b000625ea1b9865bd653028ae05969e21ae3675

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sat, 19 Nov 2022 14:14:32 GMT
server: nginx
etag: "2a77f575077d439c7242a65c5deeb349"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 466

GET
H2 200 1c9e1c7a818ed54c3e5122e3bba03de0.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 232 B
520 B 47ms
46ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/1c9e1c7a818ed54c3e5122e3bba03de0.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

18a297db9c132f46ccc8ccd1a1c84ff6bd334358be05749057ce8d67e38e918a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Sat, 29 Oct 2022 09:22:52 GMT
server: nginx
etag: "6e605b2b09c3e9a1aa3376519e70dc38"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 232

GET
H2 200 97ffab9ba6f60a4a36869021586a7707.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 780 B
1 KB 58ms
57ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/97ffab9ba6f60a4a36869021586a7707.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

f5744fc60c714ae8987ce14e66ab0faf8e0213131e9046353ecf561023fa65c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 16 Nov 2022 08:21:17 GMT
server: nginx
etag: "57255196aff4e1e0b63333b78f0aaa70"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 780

GET
H2 200 96edf33f2c6efbf4ef710c804d698cf4.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 664 B
953 B 58ms
57ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/96edf33f2c6efbf4ef710c804d698cf4.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

394175d7ef745dcb58f08975e5ac15b7e8ccad77e1837e120a1d3029b69e60d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 16 Nov 2022 08:19:04 GMT
server: nginx
etag: "68062dbae68ed869d62fb8c5af952d15"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 664

GET
H2 200 4859c69270068cb31f2a2fb722826891.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 7 KB
2 KB 35ms
35ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/4859c69270068cb31f2a2fb722826891.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

3886fbd076a17791aab8a969929e75744f97cd2fe73ae4b8bf80dc121db37c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 15 Nov 2022 11:12:55 GMT
server: nginx
etag: W/"8dce7e9364e1d53b09a5801507da06ee"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET a05018c324ef6aca6b130942443d68ab.json
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 0
0

GET
H2 200 85c2f6928c4caff0c56cef6ecb21cd24.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 3 KB
1 KB 46ms
45ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/85c2f6928c4caff0c56cef6ecb21cd24.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

28dc5aee2b5e455a7cebac5604053f32f7bc62c738279b1b60f740a24d9d3905

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Wed, 09 Nov 2022 10:48:09 GMT
server: nginx
etag: W/"d774a20d976867de41cb2d1b84c4133b"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600

GET
H2 200 d5a8008ac6789180c872f1ebb6f90432.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 486 B
775 B 33ms
32ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/d5a8008ac6789180c872f1ebb6f90432.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

7d6f31dd8e17fa7e52892c599bcf290a6268d34b7c9f64b402225257262ad1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 05:13:36 GMT
server: nginx
etag: "a4673e2782675c79c9bf2e7c64331947"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 486

GET
H2 200 67bdaaa57094203478808ca7eb37c94b.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 462 B
751 B 45ms
44ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/67bdaaa57094203478808ca7eb37c94b.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

9fa9ad7c324335c6dc8b961683476b0c27e49df91848d4ea48b0a361f454f2a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 17 Nov 2022 06:08:33 GMT
server: nginx
etag: "088f3849a930b10bc6a23832d99f6500"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 462

GET
H2 200 d13a5a780383734f3abde1bcbdbcb87c.json Show response
lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/ 220 B
508 B 55ms
55ms XHR
application/json 178.253.14.144
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/d13a5a780383734f3abde1bcbdbcb87c.json

Requested by

Host: v3.cdnsfree.com
URL: https://v3.cdnsfree.com/_nuxt/desktop/default/3408befd.modern.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.14.144 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

40b61a67ba21cf03f2cba7833994f2862582fd4fc7ee2e02083193c35f176d1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://lite-1x500621.top/de/office/bonuses?tag=d_706649m_97c_sms_all
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Is-srv: false

Response headers

date: Wed, 23 Nov 2022 07:02:12 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Tue, 22 Nov 2022 11:42:38 GMT
server: nginx
etag: "723b2b0601dbe12d2dcdfd9f007fc8c1"
content-type: application/json
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public,max-age=120,s-maxage=600
accept-ranges: bytes
content-length: 220

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 22ms
22ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=572833845&t=pageview&_s=1&dl=https%3A%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses%3Ftag%3Dd_706649m_97c_sms_all&dr=https%3A%2F%2F0220.ga%2F&ul=en-us&de=UTF-8&dt=1XBET.COM%20Buchmacher.%20Hohe%20Quoten.%2024-Stunden%20Kundendienst&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=1897159733&gjid=172029942&cid=238920388.1669186933&tid=UA-178408567-1&_gid=915132901.1669186933&_r=1&gtm=2oub90&z=1772516561

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://lite-1x500621.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 23 Nov 2022 07:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lite-1x500621.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 16ms
15ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=572833845&t=pageview&_s=2&dl=https%3A%2F%2Flite-1x500621.top%2Fde%2Foffice%2Fbonuses%3Ftag%3Dd_706649m_97c_sms_all&dr=https%3A%2F%2F0220.ga%2F&dp=%2Fde%2Fblock&ul=en-us&de=UTF-8&dt=1XBET.COM%20Buchmacher.%20Hohe%20Quoten.%2024-Stunden%20Kundendienst&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUADQAAAACAAI~&jid=&gjid=&cid=238920388.1669186933&tid=UA-178408567-1&_gid=915132901.1669186933&gtm=2oub90&z=1787709732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 22 Nov 2022 21:11:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 35468
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 a
www.googletagmanager.com/ 0
11 B 31ms
31ms Image
text/html 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-5R4MT54&cv=9&t=ol&p=ga&l=348&q=2773&f=69&e=65&i=38&d=2491&c=117&hc=0&sr=0.050000&ps=0.0009317801704276096&cb=1666227965

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lite-1x500621.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date: Wed, 23 Nov 2022 07:02:13 GMT
server: Google Tag Manager
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 95ms
38ms XHR
text/plain 2a00:1450:400c:c00::9c

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-178408567-1&cid=238920388.1669186933&jid=1897159733&gjid=172029942&_gid=915132901.1669186933&_u=aGBAAUACQAAAACAAI~&z=464805314

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://lite-1x500621.top/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 23 Nov 2022 07:02:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://lite-1x500621.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: lite-1x500621.top
URL: https://lite-1x500621.top/genfiles/cms/1-285/desktop/media_asset/a05018c324ef6aca6b130942443d68ab.json

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1x-xredbet002400.top/	1969-12-31 23:59:59	Name: SESSION Value: bffe68f5a88f1ac7d250dfb6a1094195
lite-1x500621.top/	1970-01-20 07:44:06	Name: platform_type Value: desktop
lite-1x500621.top/	1970-01-20 16:25:22	Name: auid Value: sv0OkGN9xXJxypcdAwiNAg==
lite-1x500621.top/	1969-12-31 23:59:59	Name: lng Value: de
lite-1x500621.top/	1969-12-31 23:59:59	Name: SESSION Value: a71fe2167453ac6eda0c1342a6278dcb
lite-1x500621.top/	1969-12-31 23:59:59	Name: tzo Value: 0
lite-1x500621.top/	1969-12-31 23:59:59	Name: window_width Value: 1920
lite-1x500621.top/	1970-01-20 09:06:10	Name: referral_values Value: %7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22d_706649m_97c_sms_all%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D
lite-1x500621.top/	1970-01-20 07:39:50	Name: reflinkid Value: d_706649m_97c_sms_all
lite-1x500621.top/	1970-01-20 07:39:46	Name: postback_watcher Value:
lite-1x500621.top/	1970-01-20 08:22:58	Name: che_g Value: 863d5480-3883-1537-5b10-2f9b4f0233c0
.lite-1x500621.top/	1970-01-20 07:41:13	Name: _gid Value: GA1.2.915132901.1669186933
.lite-1x500621.top/	1970-01-20 17:15:46	Name: _ga Value: GA1.1.238920388.1669186933
.lite-1x500621.top/	1970-01-20 17:15:46	Name: _ga_5671CMJ6T4 Value: GS1.1.1669186932.1.1.1669186932.0.0.0
.lite-1x500621.top/	1970-01-20 17:15:46	Name: _ga_7JGWL9SV66 Value: GS1.1.1669186932.1.1.1669186932.0.0.0
.lite-1x500621.top/	1970-01-20 07:39:46	Name: _gat_gtag_UA_178408567_1 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://lite-1x500621.top/web-api/api/internal/v1/blocks/check Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0220.ga
1x-xredbet002400.top
fonts.googleapis.com
fonts.gstatic.com
lite-1x500621.top
radar.cedexis.com
refpa53115.top
region1.google-analytics.com
stats.g.doubleclick.net
v3.cdnsfree.com
www.google-analytics.com
www.googletagmanager.com
lite-1x500621.top
178.253.14.144
178.253.14.29
178.253.47.23
2001:4860:4802:34::36
2606:4700:3035::6815:29b4
2a00:1450:4001:811::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:831::200e
2a00:1450:400c:c00::9c
35.241.57.45
8.238.191.122
00006f177798ed80f9ed80c7a941c53a37f2f733bd17f3d6cdc867ee70295d86
048109731a12bfb0674cb64f273963ce383b18a55c9f6c53ac9b5c56bc1648ba
07cdbe1e59119250771a8773362671c109b87f43a622c29d53dd35afeab16b87
10bcc57188ea877bc089bdfd16377f668f9619f5e51c611bdbbda1cae7749fdd
15564c5d7d5f3b30c202aae5a9d40bd67f4e6d624172e744668365a22d27f9de
18a297db9c132f46ccc8ccd1a1c84ff6bd334358be05749057ce8d67e38e918a
193484985e3c0c2b29e1ba992c72f0b6c0dcfe679f2ccffb5bd5c2d0d2d5ef7f
19805a3cb96449b4eee9861385bbd671fdaa5083cf5deafb14aa850e265f2979
1a40a44905a8c92ca47b055812ef89e99483e7bc0df35bd3aee7e20d491fbb2c
1caa3ddfbd6c1a678916ce03ab098d85e0db82a38785ce3e5e34ca23421345c2
23e384ad5e338da386748ce08ad798f3b732a7e0563e9889e3d310d33c19c5a2
26168118e47a2f33ea8a4b095f9a3ab8439df26246c52aa2c14cd6412a2ff788
28dc5aee2b5e455a7cebac5604053f32f7bc62c738279b1b60f740a24d9d3905
2a3544608adf937f8f2f05522b000625ea1b9865bd653028ae05969e21ae3675
2c2ea262143e5a9045397f0d59e94ea4dd723146c5512753ead482dd0a830550
2f9f35ce72cf40d8488c4e6bb3c81338f2b70a1393336d5e16f29010f39e039f
3886fbd076a17791aab8a969929e75744f97cd2fe73ae4b8bf80dc121db37c97
394175d7ef745dcb58f08975e5ac15b7e8ccad77e1837e120a1d3029b69e60d8
3aeb2e6e6a577890aed99e4513a6b9d7aea62fdabeca6c3cd08596868d73b2b1
40b61a67ba21cf03f2cba7833994f2862582fd4fc7ee2e02083193c35f176d1a
42588f2c9b657973bdcb78026a701f73d057fc42e305382b5c2473093b488c06
429df5feb6040614f975a362627a0088c84ef62b2f89bb3fb6e98fd82f3fcc41
44956f38f015f0b02be8c96612246b0dfe8e97765024053faafecea325d32cb3
4612305c0c6077857c88e831688c8bb34594e16c567ed45a3a330c14fa7c627b
4707e212ebfab3235c383a4090fd64c0cf6d79c23404eebd5254e349d47e0bc2
47384946e1ff4b8745fe6a4c9fd88b708cbfdf0c4da0c573e6199cacbdb9a460
56bf2e2ee17ee1d7e0867499cd7b9fee3144eacb1d5a4956d1f33eed2f0e52b8
5b577330d37bf6413a46ddbfd58b282c7eb556011ae0ada3d0497cf7438c28de
5c55a99708e5b25c79529eac5c9c2f741e91d9acf779c94d5f08bf9183394b8a
5e91ae1750f9b11a9683b19eea192f67ffffc9e0c9ef7cd2385bb7032a82b770
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7478a15bc2ad3eb0a0fd7e9936e299294033b0a0b57e4f178decd0d467ae2b77
78148a7a7c8acc9d4b2a1d700f6bb71588e9caa0f88c382c302eaa96a75e3929
79541fbd5863b789f16e341208642f1b47bb3bc939121ed63426dd7969714390
7cfd2277e83ddc360442d2412638ec407c005c60d03414c2b799d55e0aca7d42
7d6f31dd8e17fa7e52892c599bcf290a6268d34b7c9f64b402225257262ad1fe
8036849d65bcb46f39822bf834c190ee7abb2dc3806bd8327997905bccc52c9e
8171f4620bee17bbf5859fc151a0913b9e89b9d83607d827ad74783744598b1f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853daf13541ddaabf8001908ab6e97b27653cdc13799127e5fce90be4ea481c8
8a2d9ac95a919f3935dbf53d01a07b8ed975c34e19bb61bf34b361d503a52e89
8da60f8a293eca79b4db46c1e22e9167a4920f198c0537cb56bda9707abb4e67
90c942afe21c8fc79c0037596d431cd83cec539ea291cd2a0eafc319701701e2
938af906f6e293fe2124f3224f57dff4b5a6fe1c34accd7cded466667b8cec34
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
98fc08a893e6c6ec0f82ec6b5d1a6b9179d3feeefeb8642c8c0a6391bdf5ec25
9fa9ad7c324335c6dc8b961683476b0c27e49df91848d4ea48b0a361f454f2a9
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5bfe7acb21ff40f604552f0a5b197fcca669f84c4d02b58cf29301e8eb0fc5d
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
ba35a33dafed0e7440e7f30c9d6c390a168d44123066c6ced416168317d38715
baf35ed1e4c5ce9b641a6bcf926cceeee1c5e9a6685a8a796976676daf0ad16e
c23f935153892f2662853d18637cc19852cc482cd9217c7d88f770f12ce52e5d
c2b9151fd74fe85a7943b70a659879b430233456286e9b31de0810015876f10d
c71347b1b7d64797d4862a6da6a75af5ff98027f72a3078d8f1bbb7de6033872
c7968174d92e899f14b40cb58bdf50f76686ece76742b1b20ee5b3a14cd8c3d4
ccd6a84bbfeb21fadfca7e9e897dcccc7ab5b78233efec099c033941ce8ba08a
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d2b5135ec4d2c10275a6846c7e2ca3202cb9901ccc7cc72a4c03e4c9d18a68a3
d3d95c39fcdb7ea59b4cc8410d4ce07a8de20b23041a73a482287e8914c97e9a
d5af3be5580e1f59ebf83be6961804f2a1f09732719085c04ace46c76df2106b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e078a7e402d29ad9e9ce54d3fd54133807c2ce1128707a340a49c207613a60f6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6b0a1eae34b4482b88f3861bd7832121426684306b132f1fc8bd10f1f3b7fc4
e79681e9239022fce629e8bb515ae86dd614376ac86375437a8839c1b93b765f
ee094fc8f7b08dcf1c1f70b58026fdb70435ab4ba70defebba6e138df15b7b22
f3ee7d511ae50f34d01caad9138e565e26230115ec75d7228c0ca918809349f8
f5744fc60c714ae8987ce14e66ab0faf8e0213131e9046353ecf561023fa65c6
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff7c437fb6c163a91c39e822424e5ff52125ddee58283629211d9f5635377f2c

lite-1x500621.top Open in urlscan Pro 178.253.14.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

76 Requests

99 %HTTPS

58 %IPv6

11 Domains

12 Subdomains

11 IPs

3 Countries

1768 kBTransfer

7292 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

lite-1x500621.top Open in urlscan Pro
178.253.14.144 Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

99 %
HTTPS

58 %
IPv6

11
Domains

12
Subdomains

11
IPs

3
Countries

1768 kB
Transfer

7292 kB
Size

16
Cookies

76 HTTP transactions
0 data transactions