Report - 1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund

Report Overview

Submitted URL
1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
IP
178.253.29.51
ASN
#202492 Silverhill Group Holding Ltd
Submitted
2024-05-08 07:00:13
Access
public
Website Title
Live sports betting ᐉ Live scores ᐉ Live sports streams ᐉ 1xBet : live betting ᐉ 1xlite-461430.top
Final URL
1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
196

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
1xlite-461430.top	unknown	2023-08-11	2023-08-11	2024-05-07	99 kB	1.2 MB	178.253.29.51
widget.suphelper.top	unknown	2023-08-02	2023-10-04	2024-05-02	5.7 kB	1.3 MB	172.64.148.184
www.googletagmanager.com	75	2011-11-11	2013-05-22	2024-05-08	1.8 kB	479 kB	142.250.74.40
radar.cedexis.com	3035	2009-01-07	2013-11-27	2024-05-07	412 B	627 B	45.54.49.5
pp23vi1.com	unknown	2023-03-09	2023-04-06	2024-05-04	439 B	387 B	178.253.14.123
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	460 B	12 kB	142.250.74.106
v3.traincdn.com	unknown	2022-11-10	2022-11-25	2024-05-04	69 kB	4.6 MB	185.244.209.62
eventsstat.com	843751	2021-03-05	2021-03-05	2023-09-18	52 kB	4.3 MB	83.147.204.194
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	1.0 kB	33 kB	216.58.207.227
www.google.no	25607	2001-02-26	2016-04-05	2024-05-07	587 B	578 B	172.217.21.163
region1.analytics.google.com	unknown	1997-09-15	2022-03-17	2024-05-06	1.0 kB	448 B	216.239.34.36

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed
2024-05-07	medium	1xlite-461430.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (141)

	URL	Size	First Seen	Last Seen
	eventsstat.com/statistic-app/sys-static/desktop/default/46ec6cc.js	20 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/46ec6cc.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:20 Times Seen1 Hash 35900e7b9e58e1561e184198753a90a3 941304f687274373ebc5016e250f4ced43bd31ea 2c969954e91314cd2d4a973dee8b07d2b6d0072e8aa4d1afbd565af8f4b9c2dd Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js	32 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen49 Hash 3f5e6415a870624bda2cd9741726af93 a5f7d27d2ca9f7e89a230ad43754f4e0390f293a 68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js	76 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 05e740893c07a5cc45b5f0f2d787dbf5 28c364157e02ce207609bca53064a4b513e8bda7 a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/e59bca1.js	354 B	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/e59bca1.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:25 Times Seen2 Hash 4c46b2cb54d616fa15d8ffbed51b7559 64cc8f65ca56af674398bf7df9faee34fe28fe4c df2771d83a9c112e584085a24c210c8223349b4e5a6dfdebd18b79f251c5d0de Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/90b6a4c.js	19 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/90b6a4c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:20 Times Seen1 Hash 2a00a8245656597a118750c117d21c66 a5fcf67901c3d43599a4b9a934ef15f0ef6eaf23 31429333826a460b2fcbc4a19a1a98a965d3bdff80a6f0ce0e5387518f1da744 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/4420253.js	298 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/4420253.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:26 Times Seen2 Hash 1bf7ff539d74ada4fab8ed35c46d9434 9525c0b2ee51fdf0268723e54869beb05700d1e8 3ccf0b68915262bc209230d7b9652306b154fbb7c26245339ba10c99ae10deef Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js	1.2 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 52ab057c90af6d742e95f43ff97e95ff dfdce102add5fc4fa06ac366a663e7a732bd9352 feedd981d953d2933cbb35a49608ebf408f13f457399c2b11aa1ef5eb76db547 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js	56 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen52 Hash 45302df89a240c65824afccc0240c030 84573118a402aa9a4ee0321ccf3f914c438a8369 25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js	5.0 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen16 Hash feb5d0c05443398468224d2944536b10 d795e84479919f2fca3e48ddb1c9fea251260f92 d613b9c5f54a7d16fcfaf0ee200b05548ff0cc03a52ea1c3ef75c0315f5582e5 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js	424 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen23 Hash 33e7498a57ccd45d4321735d481a7313 46b45796c16d136c29f360cbb68d5b205904bcfd 778fa85294ad50c151be62183dbe5c18d754019a84e6c8a929b2c641d38ce3e4 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js	1.5 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen16 Hash 76cb7b38bd7dd009e525ca10453839cd 6f243fa517f2f2eb7c5de651fca6efed3c6f7ded 91471eda0cfb8a92d2139d87180f101574355cc4009e8983507054f8f9883aa3 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-05-19
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 19:26:08 Times Seen350268 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js	1.3 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 59e405a5c84540fd5cd4a47c01954bb9 877928ec86d9742b605ab481e28e4ca40163154b a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js	41 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 3645d2d457e7c89dbddbc70d1bb71d2e d91ac83ee98ca90c4a45448683041facd9b325cd a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js	30 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 19:17:03 Times Seen112 Hash dfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/7fd8a26.js	6.8 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/7fd8a26.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:26 Times Seen2 Hash 430d0f7dc58da13003b651d28b6dbe3e 3c6833fa191ec0b613e613f27346d32d4e131955 290a16f1862926218ba11b10a955ccb0ed136ac843709f78a7cb56103f33e035 Loading...

	unknown	34 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 19:17:03 Times Seen963 Hash 7bcdb973ab8af8e24ab11cb554a1ba6e 24e8a10f240f2b06f81d7c173cd0a90606641fc1 916ec4eb9b485eb47f43a17fe212e84e4b72600b45eb6d4588599ad495a57fcd Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/1a65b1d.js	6.9 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/1a65b1d.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:20 Times Seen1 Hash 175a3b394f0516a3bc2bad7f624c491f 36da8b15146d9d112c08f072ca3c367bb3b1f25e 0e0a866f89d22afa257bf2861394c8d74530a7c15472e34ae4f71a88deaa35a3 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/de90f0b.js	35 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/de90f0b.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:27 Times Seen2 Hash 4610d59138b859b42230696b6f6d7d70 3dcd55bd0be4462377d7c984016b8ff157a4cb7e bdbe852652d40052189f97af9353042ef6e77e939400637cc6d580f749b992d9 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/85e6f6a.js	7.1 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/85e6f6a.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:20 Times Seen1 Hash ddd0e8b8a0f068bbbea042b7e3ef1878 41465f7df066f4f9ee431f70acb66528847f5bb0 78880070b7c24bc71be1c9df44e7925cd4a9eac0c9d33e2c233b41e82c0fe7ec Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js	237 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 8b5b82fea92540c112a534ae258307e2 380afabff0faa228d8c4f10cc9947b310d1bab68 ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651 Loading...

	v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js	138 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen52 Hash 03b89bdb4f6013159d40de88c98403b6 cf41351caa86d91b56cf839d54ab28bf8f4f54f8 42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js	77 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 45f90516ee8a557d78c08e1e925c1490 adc0363ed75f47f9513a36a94173c6e4940a2adc f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js	101 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:08 Last Seen2024-05-15 18:55:38 Times Seen69 Hash 51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js	372 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:20 Times Seen23 Hash 441a6448f5a4242779baf6fc1399b13e b646aa02b2ed08c1590c6f4536341cb2e51a4f1c 0eede7ea7bad647cc90b8044489561c58d2d5865e88ecc59a572589c6ccea6b7 Loading...

	unknown	39 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 19:17:03 Times Seen955 Hash bc51ed8c76553717f10d58b2df60fd76 e2d03a8fd8d280074b226c288880f9df299c7cb1 bee994eaf88453f6343ba57571a069054c12c9b4e42f8cbad4f2ad75c7fb264c Loading...

	www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66	322 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:20 Last Seen2024-05-08 09:00:26 Times Seen2 Hash bdb1057041954cb52b9944da44176b1e 340c67887b719a49ca719056e4fffae3bea20d9b f553adf5ad8e417acbee13c4d28bca82eadfbee16319deb63a35b4e1f2a8efeb Loading...

	1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund	2.1 kB	2024-05-08	2024-05-08
Pretty URL 1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 1d730f23abd16d53f2882e7718cb31bf 4e031581328a655c0e1ea5f0917db67c6d25ff34 d1a5339f8fc5092a5f60180c0b391c19a3991af4681f1f44a86866602613df55 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js	7.6 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 68b874a85269b1e64bfd1065d0254a1a 46d5559120d28058a530b18616085b6826bb03c3 7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587 Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js	110 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 756179b1f968d35107908086a552c869 5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8 37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6 Loading...

	widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js	108 kB	2023-11-02	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 21:20:57 Last Seen2024-05-19 19:17:03 Times Seen2524 Hash 83680ce862de40c43fc92e04b1ad0a3d 67eb6762545f4e1fee446794f4738d0f0577b6b4 e70f39978f08895aef6849daf891af65bff03e476eb9b1384dfb36cd4ac9fe75 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js	504 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:24 Times Seen30 Hash 5387051085dcc459e7077d5d8000b85d d22afab6c65228f0056f66e4f150783f6014e36b 34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js	20 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen26 Hash adc7f8e289bd475a5a922c91b93591b2 540252cd02880714746d3656e61c67e7acab7fda 3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js	31 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash f9da465f4f7355523306ce6bbf89c0d5 c39974e7867bcdd6bbe385ba52c9be335afdfe6b a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2 Loading...

	v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js	12 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen21 Hash d5bb5783c476219b31ce5582083fd74b 326b40532b72988c1d23fb931daabead75d18482 2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js	715 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:21 Times Seen28 Hash 0a4d6d7efa89ba140b62c6aee5e8fc6f 9e5b132d8df77dc2fe824cf30a362084400f23c5 60e4e95557382dcdc956e8e80595030789aedfcf6c9f2ff90e92c5f4a2631e0d Loading...

	unknown	44 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 19:17:04 Times Seen952 Hash 00beb9884d0391b342eadd30744b539a 3124c0bd593822379d22f13d3e08e70a1bf5ea14 92394eec5690449a4f6cfc9a7f97497a69e926b2365cb9a9aad3507a844f835c Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js	10 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen22 Hash be042bab68dd466121fb1460a17b1795 3dfa3c583644e2aa71ff199a262a54e17cd378d6 2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js	954 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 1992415420cd9d59941e07133aa0c521 308a748fa982a440a112cb9e449f25a23bd6d83e 94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907 Loading...

	v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js	2.3 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen50 Hash b44bc16cd2630bfada5ec9cbdbfcafab 43918946155d48f6cc8ecba42e2cf2cab28debd7 189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js	731 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:55 Last Seen2024-05-08 09:00:21 Times Seen26 Hash bd6d9e7b07e097eb950f4b8bd6ada2b4 d332a4f5771e4f6d2cd47cd94ff85c5eb5847418 ea2bfc78a76204b704ee4ff215cfd6be3c7edb98b6c6e77501c5dbb88f261ea5 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js	450 B	2024-01-25	2024-05-19
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-01-25 11:06:32 Last Seen2024-05-19 17:11:27 Times Seen139 Hash 056ce527a12544a37f984ac598be2344 6946b65cf1c68960e5f9ac0900a0df66a13e7e85 cd7cdf53c803ca43a37171180d14c2374e45ab347d309f9b83a107b9ad9b4ed1 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js	53 B	2024-04-24	2024-05-19
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:07 Last Seen2024-05-19 17:11:27 Times Seen52 Hash bb7e15ec1662efa164ad912bd1c65e19 bdd420a5f5bf96a8a4f85abbbe3b0cd2ad547f52 a9378fb3de73c35f466dfae4d2956a63b95813d4eaf88ae7f4ce820d0992cc01 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/ba16792.js	864 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/ba16792.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 5e7c6cb86fb0295e7c86da0e42532998 352d90a811ded283431a9af09cfea97b46b909ba c72fe4ac75d9e8828e995121833932c84ec80baea20aaf1b43491654766be486 Loading...

	www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H	300 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 177e947db29dc34b33d206fccaed85e0 93d92496763adc3b7cba5c75ae63dba091200a58 649e9ecfe721d3b8b41d92665cc623f405ec197f3fae0a1d111d43a7d8cf4639 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/eeb1c0e.js	52 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/eeb1c0e.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:26 Times Seen2 Hash c311f71ea06e3dbe4efd07890c0f464d 1faca436f54713f5430a624976bdd7f78dd92156 51bf82effb46dc07efab2c1c7a21e673e1bd9e6f2a0cfd6c9dc275a8fba1f840 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js	8.7 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen53 Hash a5db05d47f7f37c06acc29a0f4eeb447 b9ddddb586721548eaa4a62d7ae420bfcfc5bddb 4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js	37 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 149f1f916b0c47494c7bdc15122390d4 f6be7ef6c3649f4b83fd19f7459dbce46ff15925 f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js	26 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen49 Hash e30c678eadf7bd0fcc773e1599b97ddf 41243dc14d9eb2569fa832a3b8c27fc0158991aa a4334d54b8db6d6eceb88c48ee428dfbb0ad3749d4137439f77859e205b52806 Loading...

	widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js	78 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 19:17:03 Times Seen611 Hash dc6852529f28802d37affa5953d07260 4edd220fe8df4b009a1775ebe57f19d40999659f 4aefb18221e4fb46818b0f52302b7c7717e45701e26990726cce645d8c80ed84 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5f591efad77b.js	1.5 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5f591efad77b.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:57 Last Seen2024-05-08 09:00:21 Times Seen16 Hash 7def1ae39ae3ec1a1a1d626c24e5a7f2 c01023fb1bb0149d53435f5e665c7936ce88aee6 9b43d70a4acc4172dd9c3fceaa2e5f0585b1263516eb3b1f05c363980294152e Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js	69 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 19:17:03 Times Seen115 Hash 138de5d55ee831195dd90bbf5c557926 4413082980942643803d8d4567df2f8395c0e868 55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 19:17:03 Times Seen950 Hash 580b3e56fc9ab6e8b4655f43ee057cc1 5dfce565e446f4a167195de9a1a5dd26163c711c 446f07b6e56de61d2c2d5b6ba408cc580b492a6d1ede8fc51cfde4ef75a2b382 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V	178 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 126e19c801d9762dffbed8248021cd58 0225b313a287a7a37905b9851af09b2d03f676ef 69b7f66410861d6018bb798b5c728a28ffa32e088bea4c74b6f5d122d60991ef Loading...

	v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js	416 B	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:21 Times Seen17 Hash f82b46dce7c19fd9f12e08311e06b4d7 a22d1a217e0b5665e976cecf1cba74c7f884ba21 a5a3de88355ca693c9e33b10b37c3f175362fb3c581ab02c44fbb4fc424c4b1d Loading...

	widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js	92 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-05-19 19:17:05 Times Seen8008 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js	3.1 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 66c4eb11ec60384b198e73db080c0f32 6fb7618e384b9e01454c7b984728236f178192da b45c772a5a204e430a575b896edc43205412a5f28539c2e48c152df7669ad7cb Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js	2.6 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:21 Times Seen16 Hash 942da12c1a44ccf257f6ea3e09ed3175 117b957d554602393aed24ffb08c957f89dc622c ecb8f76caef1e9eda494ea85e50bfa687baf1a99774b32edd34b03e8215f4075 Loading...

	1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund	924 B	2024-02-25	2024-05-19
Pretty URL 1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-25 06:56:59 Last Seen2024-05-19 19:17:03 Times Seen149 Hash 92bf20f2f922cc746bec8fe320b23ed3 768e5dbe711e1b62cad807b11ded99ef85001483 b81f4c4f575092cb52a07f89a96291f8e258b3f6bf61e51df0fec3bcc3132fea Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/637bf31.js	365 B	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/637bf31.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:25 Times Seen2 Hash 048c2f63f9b9e5daf4059b765f6e0672 6abe57c90cf7bbbb6e5a18a1b9fd5c14bd7458aa c41a9790fa2c5b58ac7c95fbbc8ddccade234bd65213738ecf97f17adfacae5c Loading...

	widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js	141 kB	2023-03-08	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:26:33 Last Seen2024-05-19 19:17:04 Times Seen2534 Hash 896d1930437c1ab92b8a359c1d6fdaae 71e0e23d1af9722f356eb5d1c497d100ec8b0f7a 8c508636d885890bfb5c56bcd6dad1b8b64c498781d351b588a8de7f686774d4 Loading...

	widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js	481 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:34 Last Seen2024-05-19 19:17:03 Times Seen602 Hash 46260bb46d51262abee818c0c3bcf1c6 fe3be222aec74704fad1fa2559788b1fa287094a 20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js	1.0 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:38 Last Seen2024-05-19 19:17:03 Times Seen78 Hash 8fecd56fc5520134f3c39b17431fe0c2 e0cedac030a1fcf68779a592ed9e0775beb45123 3e01dfddf1e68faa32769d615eeb0e838a29241d18a57090040c595ee05f0ba8 Loading...

	v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js	47 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:18 Last Seen2024-05-08 09:00:23 Times Seen22 Hash ef9def5f3c8a190bfffb14ce24c6eb58 c5fa568c8f9bee2aa988c80a7246e07edd8d84ba d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js	15 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 2f5a8b05ac32c583fcde180d9d46fce9 86cc94f0c76922b731336bb6c13ff2839f37d689 6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js	144 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash aedaa99fcce183a213f358a727e9eb87 7fe33331acbced57be412f96baff3a4595e207fb 2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js	1.0 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 54f54116f151f6469527d5f5c584887c 8078098cda5d50eeb285da4fc78655562f8324ed 8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb Loading...

	widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js	3.8 kB	2023-10-05	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-05 09:17:37 Last Seen2024-05-19 19:17:03 Times Seen2071 Hash ba1681cca05ff7b4f8698587da76ab26 7113520b461dfcbdcbc1725a1acc6e05547bf20e bcfc83f65454f29634e61503e84d77f3fe8bc06451b90927bf842e9ad352ac64 Loading...

	1xlite-461430.top/polyfills.js	0 B	2023-03-07	2024-05-19
Pretty URL 1xlite-461430.top/polyfills.js IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-19 19:28:01 Times Seen37839105 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js	27 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen54 Hash ead4a901af60e4b8138e732f0aea9637 7c1d57d444a07553738ddcb8b6a2bee305a0c215 e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0 Loading...

	widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js	10 kB	2024-01-20	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-01-20 01:21:35 Last Seen2024-05-19 19:17:03 Times Seen609 Hash 54b2d4e92e16d2ea51898124107af46a ab4225b696e63c9040de1511fa229cf65b4d3750 e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js	198 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:26 Times Seen44 Hash 191ff223860f458112e0be2a63bd9857 850dd681d5b31321f00b8df955a455aa9478e44e 40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js	15 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 81deb8b2ab30cd1729e21622a32d9814 41b982e7a7e4eec22ce01ff1a3b854e51e385789 41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589 Loading...

	widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js	107 kB	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/pages/index-ed7cd77912c6e3a9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:15 Last Seen2024-05-19 19:17:03 Times Seen244 Hash d0a7ecc59065580118a9ea8880c58962 21573546ac5011592094ef6aea0696ccdeb2164d e1b09efa81ca44cda394e366b64fbf2b3f0725eab9ad24782839cbb8f66842b5 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js	37 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 63e1a6027725eca572736670eb935432 e3578492cf68e66a44f556a98545294a5b1bed5a e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c Loading...

	widget.suphelper.top/injector.js	208 kB	2023-12-17	2024-05-19
Pretty URL widget.suphelper.top/injector.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-17 15:23:16 Last Seen2024-05-19 19:17:03 Times Seen1033 Hash faa1c0b5a845868ac1a8071b6b87d458 71034e9bb2726a20b2afa197ff4e1b52c2ab976b d7585c13a4abd3b295a15b2bce2b2d7121a697f42ea85f89f40624ac26b075d0 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/5cf0527.js	3.8 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/5cf0527.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 2aa1e511d8df6379eeab296af6ed089c e551866b9170202d94d92ac828ff4c82d786857c b8b02eb24085a17611a13122a335463f2fb5a8cec74b4615f1a07cb2548815af Loading...

	1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund	674 kB	2024-05-08	2024-05-08
Pretty URL 1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 09:00:21 Last Seen2024-05-08 09:00:21 Times Seen1 Hash 3baf81762e0e9ecdd36dd6d9b201d4d9 53b04f12d13b74c870ded4c74b79f81e8e939f04 3470a886ea8bc7a255ccf6444ea84d84ee2b590b53bbeb5c24fb6baf5361c83c Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js	30 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen25 Hash 93a3cdd4ea0ae5eb295e71988355c5d4 0c9e334aebd99fb9c44575c99abda82d0b53acb1 104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js	6.7 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash db345f9ab9f4b60494ed02dd78f38d79 cb9cbbfabcb9c33191f6dae2927282f0ff4fa236 e9fe103123d124c15580efc873171acc3a1235957353992c779f9ab30938aab4 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js	435 B	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/635ff2d38c89.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:22 Times Seen25 Hash 213bb33769eecf49a9d71c164b83a3d6 2caacec15b0665fc36759a6bdf499512788dd7f3 75e86ca16a3f828026bc32b7aab627175289750ac184bd505d531c591d2bf011 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js	66 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 5c486444497d7afeea7cabf3a651d76a a5c40dee88530a85a4c061ad4379b13e3b8df745 9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020 Loading...

	v3.traincdn.com/_nuxt/check-ob.js	211 B	2024-04-24	2024-05-19
Pretty URL v3.traincdn.com/_nuxt/check-ob.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:10 Last Seen2024-05-19 19:17:04 Times Seen277 Hash ced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js	25 kB	2024-04-24	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-24 06:33:06 Last Seen2024-05-15 18:55:36 Times Seen55 Hash 701ad5a22b8ea7213a53e334d0898349 87749d947f6aa40eb671447b58261d710ec5479b 07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js	1.3 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:35 Last Seen2024-05-19 19:17:03 Times Seen78 Hash 518e0ae196483ada8b528a1f2b7df0a1 50e66030d9aca44adb3bd7893ef3c42593e26be4 529ca09688eb85183a34a43651cad1e8fabae2a02924753d54786f3de5e85693 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js	16 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:16 Last Seen2024-05-08 09:00:23 Times Seen26 Hash 18f932fe4f53ce3de4a44b04b0524916 ed47f4f593c25b33012b0369c19883c23e7d3df1 c665029c63cfd9399be9c74e897668b621e3a6e690f0da69196f4c73c16f0cee Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js	2.3 MB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 2ff74ba461966e9ef07ec952168d3783 eac39aaad2751e37b7b7e1cf6d966696f9c1c044 2073d859a26714aca057e24cb8c9ac7e8fd7bc8a184406d49cf0c46980ab405d Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js	188 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash fdfc9ec2fb0c6c09b91f4d7afd8b013e fda34cd7ed3c34c04b95aa7ef5c8602246560792 52c22cd0255170803b57877f20365b1cc0cee020b6fff69c71fe0f7f6c9f276f Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/6bcb3d9.js	21 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/6bcb3d9.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:25 Times Seen2 Hash ed38babdda9deb55d6e09f4bc3995fb5 1c259347f8a5c9bbc8c001b5cfa7bb8ee4ec641a b657e9af403eb28a5adbbdc9049685e00cc6cc6a08c69f3fd02d63494ea19a70 Loading...

	radar.cedexis.com/1/23802/radar.js	390 B	2024-02-13	2024-05-19
Pretty URL radar.cedexis.com/1/23802/radar.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-13 14:23:26 Last Seen2024-05-19 19:17:05 Times Seen302 Hash 82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js	20 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 860ea683ac1ca8494adc10cb2ea4fcdf a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3 e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850 Loading...

	v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js	7.0 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen54 Hash 91d17dbf833b48149a8b5d2f21895879 bd71a45fa4419ab4ddbc676f0a9cca2be05e1703 f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335 Loading...

	v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js	3.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:37 Last Seen2024-05-08 09:00:23 Times Seen67 Hash 0cc9277dab4117c9b162cc01e1f0b97f 5b7d9007e2d99d3715c5f226aadf44aa4da4332b 6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js	40 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:27 Times Seen46 Hash 5609f3d5d46109e5230f492c3d89cdcd 522c0a551da1db7753e72b6a629064a6170791d9 13f2ef217e2e8cc997cbcaa97126a6c31430ae1d073e406944364fb5f45f70e7 Loading...

	data:text/javascript,export const meta = import.meta;	32 B	2023-12-06	2024-05-19
Pretty URL data:text/javascript,export const meta = import.meta; IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-06 14:32:28 Last Seen2024-05-19 19:17:04 Times Seen975 Hash 6d772b7d405b447ecee54ab61cdd5108 dd65fb9cd5a7cb94a40fe161f4f72303a61eb3b7 b90ff694e492935b6036fb7e878d365dab51aafa46f0afb1e33414e7ecc3307b Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js	81 kB	2024-04-25	2024-05-15
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_vue_deps_OVKZGHR6.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-25 18:56:15 Last Seen2024-05-15 18:55:36 Times Seen32 Hash 67267513246705d46a0bb83e1f8efd2a d1af6d9ad50f110bbb4bb4d75965dd939a14e15d 35acb34c3273056ead66f9ae7dc11b3c2e3bd1a4c46dc22daaa6900c150c2b2c Loading...

	eventsstat.com/statistic-app/heightNotifier.js	152 B	2023-03-07	2024-05-08
Pretty URL eventsstat.com/statistic-app/heightNotifier.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 18:26:00 Last Seen2024-05-08 09:00:22 Times Seen7 Hash 59837f8106b04a4b275a8c8ff34a4ed2 b9f1b6df5b37c1a2b3c039db4fa7b4ee2c6352e2 96d64d0d6ce91a98a241a3a0c1659879971f4fd009d3e53f97eb754b2d77aa3a Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js	41 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:27 Times Seen21 Hash de79bf6739658de7bc537d692f3638fe 1e7a3af0be67bc48ac8f184324daff5f1422ac26 35f8f183f2c85dfafed1127ec3f72da678b9eea861b4083672ae4580ff6a0af0 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/a164815.js	1.6 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/a164815.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash ee5b0bece0112f7a04533fc179e3d381 71d3554891cc08df03a247e074c6896774a31561 6c92cedf1435ab145dfb7a11f5ecc6db15b56e283a56baca774e572ab22a906a Loading...

	www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c	195 kB	2024-05-08	2024-05-08
Pretty URL www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:27 Times Seen2 Hash 17bc3aa4f8c9c8f5d7f73c293b0c41a3 5a88885576d699c68ebb7314d6fff34025f1174e 36b9ca4b8c2d9fecc385904faa889c1bf34d4af5cf843ab0bdd3e3c39b2b160c Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js	1.4 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 1ca49088b69c49762c2b4dab10ebe060 d9b6754b9fd11ad9be0cec795758b89b3b9dc62b fc430e6fe7bd867ba551df2263494ba5dde0e1826aa3a16cd52af79430abec1a Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/def460c.js	7.7 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/def460c.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 2ee0a1f3c05956d135919d8d7cc3f897 eb907b3acb004b0ddbf37eae79d86119faf0af74 4dbb47203959fa78bfb60b5009668da3fc79784ff2e4daf40a365251c9af9a40 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/f9d0b18.js	3.1 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/f9d0b18.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 3eaca9bb158176143d98835a30dd8a33 8149c9994afb156f2c70e89a874d3c54bb33b561 c4023476c6eb174c66fc8e06beb531983c68ce51c3ee8a7aabdb7c8243b3d95a Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/859df84.js	1.2 MB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/859df84.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 8923581ad4237356836297ca002be4df de81acbb0f5e4b2f463d203cd6291c3bfd2f9430 9ba54fabff2a0dbead6d6bc9ce4e99f3e0b6ebc5aac3c0dd218c7bfb707c127f Loading...

	unknown	47 B	2023-04-14	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 16:26:15 Last Seen2024-05-19 19:17:03 Times Seen952 Hash a01893d8e129ad16c1e0fc5c7537f411 0e46d1bf2718f848d9d596fa269eaedb31204772 cbe7b89533bcd75b69f3e54807308551d68242ec1761e63bee1a99fc6e560175 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/67aef0f.js	208 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/67aef0f.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 28da017223529ef22e3ef5464956028e 7afda09b48440994790c91bc8cb6da014902b6db 23efe8fd85b3360a2416fca6540c5c834a2d413e27167c56506dbb76e29395b1 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js	14 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 18:05:15 Last Seen2024-05-08 09:00:23 Times Seen30 Hash 395deb0abfd0ea102c0c9aa4cf08b2f9 b53c99a2bce733f0a45a075000949d34e2fd0b17 f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652 Loading...

	widget.suphelper.top/	196 B	2023-07-20	2024-05-19
Pretty URL widget.suphelper.top/ IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-20 14:42:12 Last Seen2024-05-19 19:17:03 Times Seen2121 Hash aa729c2ec64b60ce3b2052cc8edaa329 0f673deff4bffdd337a6220feb0b7b5b5ff666c4 9693391d461678be59d683100b1442f4ee65d2cf5bda3904fbf6232a7eb921ca Loading...

	widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js	77 B	2023-03-07	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-05-19 19:17:03 Times Seen87590 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js	2.1 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/49e90f3b8dc2.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash e4a5e0e3cafb59fadf6c400cfd363b1a 9782ef66f8c66b9daf7c71799bb64a36791aafcd 528a971a8fd97998b7c66f789d482b73572d3f2f0a1c621aa917552c0abf3c68 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js	4.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:58 Last Seen2024-05-08 09:00:22 Times Seen16 Hash da4fcf0e06e63dbfcf3058f435e0a172 7c544d459b9305c651de2b6c6a48a8188504c3ae f2735fd1ef60ddd6d03eb6c9a4b37b94913c89775308c2880f8dcdf8a321e115 Loading...

	v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js	21 kB	2024-03-23	2024-05-19
Pretty URL v3.traincdn.com/sys-static/shared-assets/__shared_popper_js_MO5RLEN3.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-03-23 16:35:33 Last Seen2024-05-19 19:17:03 Times Seen112 Hash 598d5481ac96b9bf8013b0eb1413b8e5 cc7e3384da379a215ac43b2385e901e22ceb6327 1488ecc35389c72a3aa26d468420069f6b719db456ea82605762311da663b65f Loading...

	1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund	338 kB	2024-05-08	2024-05-08
Pretty URL 1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund IP 178.253.29.51 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 8a4186b3a80d1c26ba1593adf1bbdba5 27247b7fd2ec8adb17ee41efb8015d090ba8a95a c0e4ea87a9918543a501dea76539bafdff36dd7ca533e463d4394a8daf908534 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js	28 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen26 Hash 9167c6082d419d35f57a606871184d06 d4c4fac03b353c5881c352d6ac0c05947dc2e633 bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3 Loading...

	unknown	96 B	2023-12-06	2024-05-19
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-12-06 14:32:27 Last Seen2024-05-19 19:17:03 Times Seen975 Hash 94361ed86ab9b2fbb8d805c2025df46a 3f428332f7a1c7196a85c93a373a966d75708c19 eee4d228a49a86625f29410cf9a23d145e821a09cbb1f7a4d7557d206872715a Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js	134 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:28 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 474bfa89621896100251055f7c19712b 0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138 ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3 Loading...

	widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js	373 kB	2024-04-24	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 06:33:05 Last Seen2024-05-19 19:17:03 Times Seen237 Hash 36e4e2c2a2498b008514f1f0250c8018 cfa53d1c8533fb5941d9ff4f1e45e8c831658693 42cd70d177e33b23f4982b671f4bb7f03a966053874a320af3f3ea7b7b7ca1f0 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js	1.2 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:56 Last Seen2024-05-08 09:00:22 Times Seen16 Hash 22e67b67b6c959d57aa78ae317120f36 ba2fb2181061d5aed5b6c98ef0aa0bd0aa135ece c696029dc6e79eb249d40656e1842626f439c5ba2851629fa1b33faf884111a3 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/1e1eb5e.js	28 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/1e1eb5e.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:27 Times Seen2 Hash 84ebf43e4f6602367454c6d38588b452 14858ef1a1d57a4e7eed100598069ce2400c9e35 e0288f078d82dc91dd596b99e3acde935944f8af5e48f5b5f493318552c5862d Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/acfbf17.js	8.3 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/acfbf17.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:22 Last Seen2024-05-08 09:00:22 Times Seen1 Hash 038c5674adbef742c4996f7c9013804a 438e001f7da37786708518113918654b77b46441 6814fd2dc89107916ca506f9b545255f1e4d9da2813c959635755029f7b9eb0f Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js	7.8 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:30 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 3078429361b9801527b7f4deb1ff2633 c0bf69639f54697d7fcf5ee8ed06072a629b3fff 3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a Loading...

	widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js	37 kB	2023-10-13	2024-05-19
Pretty URL widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-13 06:04:09 Last Seen2024-05-19 19:17:05 Times Seen3236 Hash 6782c8abf3d14391f6ed5c805a973cf5 a08b255c0084e14d74199f5af64522ffaba14486 88331f3bf38157ecb0e64f22c08a582384dc74c8bae09d9f78b9eab5fe82cfa3 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/674665b11997.js	18 kB	2024-05-03	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/674665b11997.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 04:24:08 Last Seen2024-05-08 09:00:22 Times Seen2 Hash 4f4ecf4f95b6f6cf4fb1edad67c10f95 1031a00608e3118830d2b665d2e33a12c66f7946 20ebbb4cb1f5d413f910284731471dabd32f8f74b3af08ffe6ad58788d3d2ba0 Loading...

	v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js	1.0 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js IP 0.0.0.0 ASN #0 Introduced by importedModule Embedded in HTML false Observations First Seen2024-04-27 09:33:57 Last Seen2024-05-08 09:00:22 Times Seen16 Hash b49b08255ad6dd3864f907913b849ebe d795fb55582cfc60ad8e9316849952ace5cdfd29 3fbd78a17348b646b42ee72bcebc1c930f88f26e3b9e42ae3c488637e1e4a655 Loading...

	eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280	1.2 MB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280 IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:23 Times Seen1 Hash e4e61a81624a20d25201bed69779be49 97e616b1b9638c72379bd580615d21f0e9d75f20 6f513c125425f67bb9b5214b81b7d3a0ae09ea593ae263e2b3057b75ac89c494 Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js	21 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:29 Last Seen2024-05-08 09:00:23 Times Seen22 Hash fb60e20d94667a730b2505f72a36269f 9553f3349aae185bd43d95b7ea735790b5ac35d4 24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js	32 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:37 Last Seen2024-05-08 09:00:23 Times Seen56 Hash 56a0eecb3ec4576e9abf6f8f3e2707f9 6ddfcb4b1669c1323d87906b720fe8e4c258c143 81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4 Loading...

	widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js	1.0 MB	2024-05-02	2024-05-15
Pretty URL widget.suphelper.top/_next/static/chunks/pages/_app-9c47c295eecaa68a.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 12:28:02 Last Seen2024-05-15 07:03:13 Times Seen91 Hash 5997e7f54cf2aebf463f16902ccbc7fc 659b9677d6196eabd63ce0feb5f4466accb72df7 08d0ab3696a84b16c7cc5306bf6d83dd27f99a2ce221ed337bf09dec8ebf95db Loading...

	widget.suphelper.top/_next/static/f385e6db/_buildManifest.js	519 B	2024-04-25	2024-05-19
Pretty URL widget.suphelper.top/_next/static/f385e6db/_buildManifest.js IP 172.64.148.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-25 18:56:14 Last Seen2024-05-19 19:17:03 Times Seen146 Hash 06c1d20d74764a4f7dea57ebb09df4d8 d6592eaad86ec7b7bc373774bf911385ea7cf07d 46185c722db3b74c04c371b445abb1da2fa2592059437ee508a23e96c1fdf169 Loading...

	1xlite-461430.top/en/live/football/118587-uefa-champions-league/sandbox%20eval%20code	147 B	2023-04-11	2024-05-19
Pretty URL 1xlite-461430.top/en/live/football/118587-uefa-champions-league/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-05-19 19:26:08 Times Seen350784 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js	17 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:27 Last Seen2024-05-08 09:00:23 Times Seen53 Hash fda91a0dd5e8251a0c4c540d7e54ed52 3c4a6e38286708cd62ff071ccf97e73f37200728 b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/d60a4ed.js	2.3 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/d60a4ed.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:23 Times Seen1 Hash 410997beaacec5b471524343ab618f07 4c0e144306f436525b8aee6fb47b15912a05b1c5 63a0c985c2d9dddb05060bcd1a860010a26babb57faaedab2e0bf8d4769b8e06 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Game-8423c9b2.js	569 B	2024-05-08	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Game-8423c9b2.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:23 Times Seen2 Hash e80e61c9fbd3b73e0797f516bdb69db1 3940c472d16dc441a6c2d3f4a558791e5ebd0aef 33d3f79b4a41dddc164652a7a949930a4f197f2a36c90c8d34ed5edc4f1b5b32 Loading...

	v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js	853 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:17 Last Seen2024-05-08 09:00:23 Times Seen22 Hash c4d75347728629ec3f0b90dc82f0a3d2 ff949fe02da04d39be746f8d091a1a7b30126f7a 8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b Loading...

	v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js	12 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen53 Hash 805e7c2cd861f2191db66c39ab28e86b a6353246547e9a9fd01093fcb784d708d187e3ef 82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368 Loading...

	eventsstat.com/statistic-app/sys-static/desktop/default/b342127.js	13 kB	2024-05-08	2024-05-08
Pretty URL eventsstat.com/statistic-app/sys-static/desktop/default/b342127.js IP 83.147.204.194 ASN #202492 Silverhill Group Holding Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:26 Times Seen2 Hash b440d5acb042f355d280d1e8b5fb7ab1 8ef08da2d026d9d2e3e03d503b095e4457b0a4de e5ed657f93147514e1292b33b609bfe9b60530d6957cee067330389672d7fbc4 Loading...

	v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js	6.4 kB	2024-04-27	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-27 13:30:35 Last Seen2024-05-08 09:00:26 Times Seen65 Hash 60f915b0daad3af04303726381897e81 133c20a7f58c18758483c23f595d5a4f22ba9371 320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js	42 kB	2024-05-02	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-02 16:50:31 Last Seen2024-05-08 09:00:23 Times Seen22 Hash 21a80fe42c418607606b5ee8ebc9ebe2 b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1 880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3 Loading...

	v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js	2.4 kB	2024-05-07	2024-05-08
Pretty URL v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js IP 185.244.209.62 ASN #199524 G-Core Labs S.A. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 06:20:17 Last Seen2024-05-08 09:00:23 Times Seen21 Hash 3a0e4a54185bcc66d2e032dd30a385eb 627755ca54def0761f25f827d5b4cb483e1ca83d e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 6f17c0b74eb6e470ccf85d10ac1c6d77	29 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:23 Times Seen1 Hash 6f17c0b74eb6e470ccf85d10ac1c6d77 e2e463999c0e37c133200ca396457d324c04dfbc c467b0c5385426206f88fa74c36322c089cbd71a97fefd5b3b5748a477ce4e26 Loading...

	#2 Eval - 28f6c6481e5cc99e328c897170c680a1	231 kB	2024-05-08	2024-05-08
Pretty Observations First Seen2024-05-08 09:00:23 Last Seen2024-05-08 09:00:23 Times Seen1 Hash 28f6c6481e5cc99e328c897170c680a1 5b5ab2dc69289fcb4a8dfa2e0e495ae163e5243e 693b8f0e3431caa18e64b64697d60246c37f5f4c079ed40f66cd177554e810d9 Loading...

HTTP Transactions (357)

URL IP Response Size

1xlite-461430.top/polyfills.js

178.253.29.51

200 OK

0 B

URL GET HTTP/2
1xlite-461430.top/polyfills.js
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund

178.253.29.51

200 OK

244 kB

URL User Request GET HTTP/2
1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (34194)
Size
244 kB (244324 bytes)
Hash
7723a0ca7ef3b5e49be5709a08a84e86
cebc9095e6bde74c659a899c64df2df76b865a87
c10e97cc6c4898b670057e5f093f2c0550d5595f9307c2fb612d1798faa4cd3a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:35 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=642;desc="Nuxt Server Time", dt_total;dur=722.488, wf-uht;dur=0.765
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
platform_type=desktop; Path=/; Expires=Sat, 11 May 2024 06:59:35 GMT; Secure; SameSite=None; Partitioned
auid=sv0dM2Y7ItczH4vwAyAEAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-f0c89d3f671bbf80829e48830e20d727-07f27d30518ab762-01
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 0.661
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (54112), with no line terminators
Size
7.4 kB (7418 bytes)
Hash
32a89d535782c71f2aee2541afe97325
9ad12cc6ccd6b059073f779e9d91c6c6674e1289
ea1bc845a76d5e0e7738e217f8f0c47ac62ace9bddebba5059499b3451aa6ef8

HTTP Headers

GET /_nuxt/desktop/default/css/a4f501bb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 7418
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cfa"
content-encoding: gzip
expires: Tue, 07 May 2024 10:53:28 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4984d54bacc2981b05141417f912e4a1-60ea6aac5b57e266-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:53:28+00:00, 2024-05-07T11:19:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js

185.244.209.62

200 OK

58 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators
Size
58 kB (58244 bytes)
Hash
8b5b82fea92540c112a534ae258307e2
380afabff0faa228d8c4f10cc9947b310d1bab68
ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 58244
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-e384"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-125af88c53bfdd5c3c2ba3f3caaf40be-3d5428a176d89bae-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js

185.244.209.62

200 OK

9.2 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (31683), with no line terminators
Size
9.2 kB (9205 bytes)
Hash
3f5e6415a870624bda2cd9741726af93
a5f7d27d2ca9f7e89a230ad43754f4e0390f293a
68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 9205
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-23f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8c4bca5eb5281dbe0e867139cfc1aae5-2f537476a7934d7f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js

185.244.209.62

10 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (40656), with no line terminators
Size
10 kB (9977 bytes)
Hash
3645d2d457e7c89dbddbc70d1bb71d2e
d91ac83ee98ca90c4a45448683041facd9b325cd
a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 9977
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-26f9"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-041836022b727e481b355db53864b61e-fd8881c48e334529-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css

185.244.209.62

200 OK

336 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1099), with no line terminators
Size
336 B (336 bytes)
Hash
6921418ff9395c44037498a4cf17ee66
31879049279e2cb5bc06b249d80d1735ef112b19
e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab

HTTP Headers

GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-150"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2032e1e751a468c88438e9c5d08524f0-0a3e16fd0950f156-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js

185.244.209.62

4.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14590), with no line terminators
Size
4.2 kB (4207 bytes)
Hash
81deb8b2ab30cd1729e21622a32d9814
41b982e7a7e4eec22ce01ff1a3b854e51e385789
41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-106f"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-93a701aacba82d8816005cf8f9eea5e7-966284455a783974-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:46+00:00, 2024-05-07T10:01:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css

185.244.209.62

1.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/6cc025d5.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6716), with no line terminators
Size
1.3 kB (1324 bytes)
Hash
be35c859b4087d52ff863e02472b7438
acce1097a331dc2ec0669d17db06c679e7c81be6
af7c9af6bda4b329f14b870f4df09e1b11e87d8dba17c30eed496dc5d27dfc1f

HTTP Headers

GET /_nuxt/desktop/default/css/6cc025d5.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 1324
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-52c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1d6995b5a22b3a0ff615da53a36717d4-ebac769d79be6cdc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js

185.244.209.62

200 OK

2.2 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7613), with no line terminators
Size
2.2 kB (2209 bytes)
Hash
68b874a85269b1e64bfd1065d0254a1a
46d5559120d28058a530b18616085b6826bb03c3
7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2209
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-8a1"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d427d52c0d8413b9e3d6703ac9f5f5e8-bc523b554e9d2a9a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:40+00:00, 2024-05-07T10:01:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (8509), with no line terminators
Size
1.5 kB (1491 bytes)
Hash
b0cd3891fe08ec67c50bbdfd9f7e9181
205511f8e55a0498e8129c290759a26ba4a4db31
75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e

HTTP Headers

GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5d3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ff85abf600c23343e3e6b3381f1602c0-a99a23b2a9c8479a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js

185.244.209.62

200 OK

17 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators
Size
17 kB (17011 bytes)
Hash
5c486444497d7afeea7cabf3a651d76a
a5c40dee88530a85a4c061ad4379b13e3b8df745
9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 17011
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4273"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8f1b730a6208d56857727bedafcc40e9-b120e9b1ffc5e428-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js

185.244.209.62

200 OK

5.9 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21262), with no line terminators
Size
5.9 kB (5874 bytes)
Hash
fb60e20d94667a730b2505f72a36269f
9553f3349aae185bd43d95b7ea735790b5ac35d4
24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 5874
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-16f2"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fabc17c42a120185c4283634aa2191d6-235f5eed136b7584-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/version.json

185.244.209.62

44 B

URL
v3.traincdn.com/version.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

HTTP Headers

GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-93d0c3eeead8dc6c63bb750b29b06621-48df8b6c493b1cb9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-08T06:58:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js

185.244.209.62

200 OK

3.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (13913), with no line terminators
Size
3.5 kB (3531 bytes)
Hash
395deb0abfd0ea102c0c9aa4cf08b2f9
b53c99a2bce733f0a45a075000949d34e2fd0b17
f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-dcb"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-825b41c8fe9372e852223a38a226a7c2-527c555c4572bde9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:39+00:00, 2024-05-07T10:01:01+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css

185.244.209.62

2.8 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20960), with no line terminators
Size
2.8 kB (2763 bytes)
Hash
6cae6098e169876c305ca92f82fe3cde
d27c18f05738795d575c8ce370ed83cf07da0a5a
7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5

HTTP Headers

GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-acb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-52dcf06673b86b732365b389f400aeb6-ee82ce4ffef61c4f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js

185.244.209.62

200 OK

10 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (41615), with no line terminators
Size
10 kB (10290 bytes)
Hash
21a80fe42c418607606b5ee8ebc9ebe2
b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1
880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 10290
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2832"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-73f161b9e72f00e26b0f4202ac0a1f5c-1238160e6ec5d435-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css

185.244.209.62

200 OK

194 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (395), with no line terminators
Size
194 B (194 bytes)
Hash
7f1ee7f9ec47159043591789124ec7cc
bb021131214d4b70b327355a5a947b974f2eccbd
4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad

HTTP Headers

GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:23:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-afb50e808be296dda5c83f835492ed7f-71196f30fb8c5581-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:23:40+00:00, 2024-05-07T14:34:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js

185.244.209.62

200 OK

644 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1333), with no line terminators
Size
644 B (644 bytes)
Hash
59e405a5c84540fd5cd4a47c01954bb9
877928ec86d9742b605ab481e28e4ca40163154b
a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 644
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-284"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-32ffa5e5b2b8ecf60b1931800242e1ff-f4b1ac280e3aaf85-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Game-8423c9b2.js

185.244.209.62

200 OK

405 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Game-8423c9b2.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (569), with no line terminators
Size
405 B (405 bytes)
Hash
e80e61c9fbd3b73e0797f516bdb69db1
3940c472d16dc441a6c2d3f4a558791e5ebd0aef
33d3f79b4a41dddc164652a7a949930a4f197f2a36c90c8d34ed5edc4f1b5b32

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Game-8423c9b2.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 405
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-195"
content-encoding: gzip
expires: Tue, 07 May 2024 14:35:23 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4346d8905bb106c85c1bb3a94133ba4b-2d0bb9bc2972e13f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:35:23+00:00, 2024-05-07T19:03:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css

185.244.209.62

200 OK

332 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (975), with no line terminators
Size
332 B (332 bytes)
Hash
31aa50dcbc858f61bf3ed903493b8431
abf67e7f02256d2d5c5e2054b2930aa9b5ece999
18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7

HTTP Headers

GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-14c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:17:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-93634dd052c938edd975096e1ebeb5c6-ea13914449e7f2d8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:17:32+00:00, 2024-05-07T20:11:24+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js

185.244.209.62

3.4 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (10178), with no line terminators
Size
3.4 kB (3365 bytes)
Hash
be042bab68dd466121fb1460a17b1795
3dfa3c583644e2aa71ff199a262a54e17cd378d6
2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0

HTTP Headers

GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 3365
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-d25"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d466694ad0388bea199e1b2888ef06e8-c72d37d9bcce524c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css

185.244.209.62

3.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (31339), with no line terminators
Size
3.2 kB (3226 bytes)
Hash
9e9b190c1ab8126c2576203d5d43ec63
a80ccb6739023605edbd86be13f38a58ff7f4906
c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02

HTTP Headers

GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-c9a"
content-encoding: gzip
expires: Wed, 08 May 2024 09:58:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d245e1109bf05285acd459863b55d7f1-00f7f9a4e671b997-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:58:01+00:00, 2024-05-07T10:40:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js

185.244.209.62

200 OK

2.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (8663), with no line terminators
Size
2.5 kB (2475 bytes)
Hash
a5db05d47f7f37c06acc29a0f4eeb447
b9ddddb586721548eaa4a62d7ae420bfcfc5bddb
4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243

HTTP Headers

GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 2475
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9ab"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-73e00024a6a882dc69f7a9dba1c496bd-fae2cc93d9c7c3cc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css

185.244.209.62

4.0 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (32277), with no line terminators
Size
4.0 kB (3964 bytes)
Hash
eeaf257a8645b90669a2ea93b8fb534e
d81289258b7a5c126dd860232760852cc8ad865e
3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6

HTTP Headers

GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6cc822ee9ada880d53438f5f93d6aab1-a9dd90ad6e952b45-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js

185.244.209.62

200 OK

7.8 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (28142), with no line terminators
Size
7.8 kB (7775 bytes)
Hash
9167c6082d419d35f57a606871184d06
d4c4fac03b353c5881c352d6ac0c05947dc2e633
bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3

HTTP Headers

GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 7775
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e5f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e959369d7c14f21bb1319f2f0b073307-fd95db72d3753e81-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js

185.244.209.62

200 OK

8.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (29805), with no line terminators
Size
8.3 kB (8283 bytes)
Hash
93a3cdd4ea0ae5eb295e71988355c5d4
0c9e334aebd99fb9c44575c99abda82d0b53acb1
104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62

HTTP Headers

GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 8283
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-205b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0baf3092227f5601b312899f503e105e-981114bbea03f21a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css

185.244.209.62

200 OK

1.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4632), with no line terminators
Size
1.1 kB (1113 bytes)
Hash
f74d8b7e31b6ab236a9577348874385d
87091e6542649037a05fc137fa449b713c85225d
b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8

HTTP Headers

GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 1113
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-459"
content-encoding: gzip
expires: Wed, 08 May 2024 06:45:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c862ab5fbea9ae7bc66789f811d463cd-4f96a96f7c48c222-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:45:39+00:00, 2024-05-07T09:06:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js

185.244.209.62

200 OK

6.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (20014), with no line terminators
Size
6.3 kB (6258 bytes)
Hash
adc7f8e289bd475a5a922c91b93591b2
540252cd02880714746d3656e61c67e7acab7fda
3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b

HTTP Headers

GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 6258
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1872"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f9ff2a40074f7fc0fc1b823196582155-6ad397e23946c280-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css

185.244.209.62

200 OK

46 B

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
46 B (46 bytes)
Hash
f506188b04c16eaa9c664ed23f7ce58e
08d068d7fa5a84beb06ba924a35d84d6bfdab30a
b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9

HTTP Headers

GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-03c649171dff14311110e39d49ec18f1-e30766cee33f580b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-05-08T06:53:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js

185.244.209.62

200 OK

225 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators
Size
225 kB (224914 bytes)
Hash
c4d75347728629ec3f0b90dc82f0a3d2
ff949fe02da04d39be746f8d091a1a7b30126f7a
8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b

HTTP Headers

GET /_nuxt/desktop/default/app-1483c42a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 224914
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-36e92"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c88c8f52095b26bbfdeae6c3e577bf06-1333389696d2f270-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js

185.244.209.62

200 OK

15 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (47215), with no line terminators
Size
15 kB (14752 bytes)
Hash
ef9def5f3c8a190bfffb14ce24c6eb58
c5fa568c8f9bee2aa988c80a7246e07edd8d84ba
d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f

HTTP Headers

GET /_nuxt/desktop/default/runtime-baf5b66c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 14752
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-39a0"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ba8ef9fec46bfba2dd4b43e6f380878-32828a900f4b1e1f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:45+00:00, 2024-05-07T10:57:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css

185.244.209.62

2.3 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (9958), with no line terminators
Size
2.3 kB (2277 bytes)
Hash
76a1e3dd8e25bf9a48bdd896de779d20
38c3643e25808d1f3ab167273201eac8c113c088
aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273

HTTP Headers

GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-95ccf01606c1600b0743005d231b77c5-ed61c90013de8668-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-07T12:10:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js

185.244.209.62

267 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (61101)
Size
267 kB (267237 bytes)
Hash
1992415420cd9d59941e07133aa0c521
308a748fa982a440a112cb9e449f25a23bd6d83e
94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907

HTTP Headers

GET /_nuxt/desktop/default/vendors/app-d26cc899.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 267237
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-413e5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a10ddd8ea0ffbca44e6d0c5ac727d646-6eae462c0b2f5ba5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-07T14:49:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js

185.244.209.62

200 OK

47 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/commons/app-2e30fd7d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
47 kB (46801 bytes)
Hash
03b89bdb4f6013159d40de88c98403b6
cf41351caa86d91b56cf839d54ab28bf8f4f54f8
42d02ce0b520e2d8ce7341a0b07d92cd3833d762337b1f8aabc6f7f23e6fad4a

HTTP Headers

GET /_nuxt/desktop/default/commons/app-2e30fd7d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 46801
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-b6d1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ef1e28f25cdcd86a8e191acc794e0b13-39a002959156d333-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg

185.244.209.62

1.2 kB

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.2 kB (1201 bytes)
Hash
d7f6ca020517e4b283c103b059dc9bbd
718cc097930346dd8e4937d001a89021429c6b56
0097f5b1a6d5788886b330c914d8ad1a0a53a640dc489708447da0c45dd30937

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7c43e6fa10d0665cf556d13ff2a1906d.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: image/svg+xml
last-modified: Tue, 02 May 2023 10:06:49 GMT
etag: W/"7cca3986f7a5c4c164144ff11df71073"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2b6a0dbc24ca609a9daa52820fdef3d4-91be2b2fc86af78b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-11T08:32:05+00:00, 2024-05-08T06:53:09+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ce67ca50448aaf25dcaebc5863328ce-13d155d349de8155-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-08T06:23:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7d57a294a5fb56f44ff09b7b5a42345c-ddd90c08e37ced79-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-08T06:45:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/check-ob.js

185.244.209.62

200 OK

187 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/check-ob.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
187 B (187 bytes)
Hash
ced67278c38d1ce1297c121af69fff8a
df6e1531fd84d956263b04254e6f94f5356623f4
2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616

HTTP Headers

GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Mon, 06 May 2024 10:23:37 GMT
etag: "6638afa9-bb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:56:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0ff2c7238af372314a378671fcf49be4-eefb6f44086865d3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:56:18+00:00, 2024-05-07T11:36:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d7680876e03babb543fbb11bea547ace-afe55d2413ddae8f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-08T06:55:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png

185.244.209.62

653 B

URL
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced
Size
653 B (653 bytes)
Hash
e6f0766cbd95db33da44e7a9140648f2
5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf
c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f028485d972cf2eadd30cbca52ffba97-b85c7bfae19728d4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-08T06:53:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css

185.244.209.62

194 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (395), with no line terminators
Size
194 B (194 bytes)
Hash
2818ab9c6ece35261fbf658165189623
f01f8175a7a89449a1dad5f2a7df06c5866c10af
b4f0b619b6f6ece6589df376a16eae022b084640348887d3c557e20a37207583

HTTP Headers

GET /_nuxt/desktop/default/css/f5105820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:24:14 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-594010ab527361518ce085b9eed6f6d8-f5cd7dddfea28de9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:24:14+00:00, 2024-05-07T17:58:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js

185.244.209.62

200 OK

633 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1235), with no line terminators
Size
633 B (633 bytes)
Hash
52ab057c90af6d742e95f43ff97e95ff
dfdce102add5fc4fa06ac366a663e7a732bd9352
feedd981d953d2933cbb35a49608ebf408f13f457399c2b11aa1ef5eb76db547

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 633
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-279"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d2c587de95cd81b0bdaf196a378fafd4-6a5d1104f328e1bd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js

185.244.209.62

4.2 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (14574), with no line terminators
Size
4.2 kB (4187 bytes)
Hash
2f5a8b05ac32c583fcde180d9d46fce9
86cc94f0c76922b731336bb6c13ff2839f37d689
6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 4187
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-105b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f79bd14219488d8b68f9ca153adb3d07-29e92116d0152fd0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css

185.244.209.62

200 OK

1.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6872), with no line terminators
Size
1.3 kB (1331 bytes)
Hash
7727cc93d85a2459297f9b1237fc6a92
f37f7a3ec3d30df2513a38dd2c67fefaf038edec
e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2

HTTP Headers

GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-533"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fc9bd26f630b3eaff6bd4066ca709746-3d6ea40912b51a45-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-07T15:18:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js

185.244.209.62

200 OK

10 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (37196), with no line terminators
Size
10 kB (10214 bytes)
Hash
149f1f916b0c47494c7bdc15122390d4
f6be7ef6c3649f4b83fd19f7459dbce46ff15925
f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 10214
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-27e6"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f4ff73ec9d17bd09dd8585ea81029337-67e033364aa3f49a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js

185.244.209.62

37 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65461)
Size
37 kB (37176 bytes)
Hash
aedaa99fcce183a213f358a727e9eb87
7fe33331acbced57be412f96baff3a4595e207fb
2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac

HTTP Headers

GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 37176
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9138"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9571338121c7c0026689956831a40dfc-92b0617295f4f5d9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js

185.244.209.62

10 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (36638), with no line terminators
Size
10 kB (10115 bytes)
Hash
63e1a6027725eca572736670eb935432
e3578492cf68e66a44f556a98545294a5b1bed5a
e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 10115
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2783"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e250a7248940b708956e60d54218b983-eb7999bbd58a6a59-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js

185.244.209.62

200 OK

5.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (19536), with no line terminators
Size
5.6 kB (5565 bytes)
Hash
860ea683ac1ca8494adc10cb2ea4fcdf
a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3
e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 5565
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-15bd"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5002045baa756a878cd420faf4920b6f-97e65b4f39a3fe3a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js

185.244.209.62

200 OK

32 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators
Size
32 kB (32522 bytes)
Hash
474bfa89621896100251055f7c19712b
0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138
ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3

HTTP Headers

GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 32522
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-7f0a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-28f4db2f9643df592191a9c779f1c098-93fa3701ee65163d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css

185.244.209.62

200 OK

6.7 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (53058), with no line terminators
Size
6.7 kB (6667 bytes)
Hash
173f5247c95e1b42bb3b77ed0a8eb44d
5b4b32ac3c6b995e254b7e8e1ecdf00ef4882aa9
f20b6d24581afe4c6af83abbc14b11194385c8e5f15a27e972724f61891c6dd0

HTTP Headers

GET /_nuxt/desktop/default/css/4b5c6c89.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:37 GMT
content-type: text/css
content-length: 6667
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1a0b"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b835827d7e4394617ee73d589f86dd76-8e6c94fbb546f4e7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-07T15:18:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js

185.244.209.62

22 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65476)
Size
22 kB (21889 bytes)
Hash
45f90516ee8a557d78c08e1e925c1490
adc0363ed75f47f9513a36a94173c6e4940a2adc
f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 21889
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5581"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ab3969e5db5f01403b4e6dc7c369f2f2-08a344aaed08a8e8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js

185.244.209.62

200 OK

4.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12527), with no line terminators
Size
4.6 kB (4556 bytes)
Hash
805e7c2cd861f2191db66c39ab28e86b
a6353246547e9a9fd01093fcb784d708d187e3ef
82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c0c71e405c7d9c0cc868d734c732f9b0-7d4705c64d34225a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css

185.244.209.62

200 OK

953 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (3352), with no line terminators
Size
953 B (953 bytes)
Hash
748da80084597d87b4ff5e98b017b07b
db6ad2ec24bfcbe751a23061d935403e1163f471
4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24

HTTP Headers

GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-393807820067b1dbfd7909b43741405d-1d380e9809681288-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-07T15:29:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js

185.244.209.62

8.1 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (26717), with no line terminators
Size
8.1 kB (8055 bytes)
Hash
ead4a901af60e4b8138e732f0aea9637
7c1d57d444a07553738ddcb8b6a2bee305a0c215
e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0

HTTP Headers

GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-52c029fea4feb545323286df78c110df-c48d57a0937fcb10-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js

185.244.209.62

200 OK

2.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6960), with no line terminators
Size
2.1 kB (2120 bytes)
Hash
91d17dbf833b48149a8b5d2f21895879
bd71a45fa4419ab4ddbc676f0a9cca2be05e1703
f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335

HTTP Headers

GET /_nuxt/desktop/default/date-fns-locale-21-290f49eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b0e1977cd101b30d89435e1070366cb6-677ae4f93bea5d60-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-07T17:01:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js

185.244.209.62

200 OK

999 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2336), with no line terminators
Size
999 B (999 bytes)
Hash
b44bc16cd2630bfada5ec9cbdbfcafab
43918946155d48f6cc8ecba42e2cf2cab28debd7
189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42

HTTP Headers

GET /_nuxt/desktop/default/DC-7e6a4aad.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3e7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ec1a9c128a0c1a0b0e0f9a299466790d-067dd15b1b81546c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:01+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js

185.244.209.62

1.6 kB

URL
v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2425), with no line terminators
Size
1.6 kB (1577 bytes)
Hash
3a0e4a54185bcc66d2e032dd30a385eb
627755ca54def0761f25f827d5b4cb483e1ca83d
e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239

HTTP Headers

GET /_nuxt/desktop/default/Betting.Core-d4a24bae.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 1577
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-629"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-13332a4cbfcc70f79dc0c32e071552cf-34f6189ae83d155a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:52+00:00, 2024-05-07T11:19:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (3229), with no line terminators
Size
1.5 kB (1451 bytes)
Hash
0cc9277dab4117c9b162cc01e1f0b97f
5b7d9007e2d99d3715c5f226aadf44aa4da4332b
6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0

HTTP Headers

GET /_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ab"
content-encoding: gzip
expires: Wed, 08 May 2024 08:42:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-732a3ab802063e75bec7a709cf342b13-db4f21c2dcc1c72b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:42:00+00:00, 2024-05-07T09:23:42+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/version.json?timestamp=1715151578201

178.253.29.51

44 B

URL
1xlite-461430.top/version.json?timestamp=1715151578201
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text
Size
44 B (44 bytes)
Hash
265e4e9c948f929631d7e9bcf0d19d5b
c70f40cde4e09003b980fdae5130f3695de16add
62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /version.json?timestamp=1715151578201 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Wed, 08 May 2024 07:00:38 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285

178.253.29.51

141 B

URL
1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
141 B (141 bytes)
Hash
bd9be2fa89d26e9e6f1b2e08ffcd0ed6
90eae25ee792254c7ca97e98c5782078f9bdc37f
c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 416
x-request-id: f150a49a42081a13ce20966f65e348b5
x-request-guid: f150a49a42081a13ce20966f65e348b5
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.4660358428955, wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js

185.244.209.62

200 OK

1.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (3073), with no line terminators
Size
1.3 kB (1321 bytes)
Hash
66c4eb11ec60384b198e73db080c0f32
6fb7618e384b9e01454c7b984728236f178192da
b45c772a5a204e430a575b896edc43205412a5f28539c2e48c152df7669ad7cb

HTTP Headers

GET /_nuxt/desktop/default/ioc.dependencies.18-dc087bc0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 1321
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-529"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fc96564495f0bf36c25d9a29ca705f13-a30b8bf349705ec9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-07T15:18:26+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js

185.244.209.62

7.7 kB

URL
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (31337), with no line terminators
Size
7.7 kB (7722 bytes)
Hash
f9da465f4f7355523306ce6bbf89c0d5
c39974e7867bcdd6bbe385ba52c9be335afdfe6b
a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 7722
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e2a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2b212e95c8e9b18881a3439af1f8bb6b-8546128626d524ec-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css

185.244.209.62

3.0 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (22886), with no line terminators
Size
3.0 kB (3006 bytes)
Hash
f1e1bb557e1155bf9c70751dec445176
013c5224a1bbbf0d6603f25e31863aa90f279b40
7aa1af5184d161c5f279c0da3199cef2dfc0aac5e90cce3e880f1f89401a0a15

HTTP Headers

GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 3006
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-bbe"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7ec62a91691f870ccd405a57309b5fe1-f94d8e21f6edf0a3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-07T17:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js

185.244.209.62

200 OK

25 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators
Size
25 kB (24938 bytes)
Hash
756179b1f968d35107908086a552c869
5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8
37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6

HTTP Headers

GET /_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 24938
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-616a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cdaa07118e63d93cfee237d3ad28f886-68e3c315715ac362-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css

185.244.209.62

200 OK

459 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1526), with no line terminators
Size
459 B (459 bytes)
Hash
97fdf5b6e7dfddf6ab251e984133b2c3
bb552fe685c52c34e0ed91e4dfaa9df2675ad086
92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3

HTTP Headers

GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-411dd3abd6912e0b97f771a3bf2c3ab0-d082da99008b4b02-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-07T15:46:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js

185.244.209.62

200 OK

17 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators
Size
17 kB (16831 bytes)
Hash
45302df89a240c65824afccc0240c030
84573118a402aa9a4ee0321ccf3f914c438a8369
25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a

HTTP Headers

GET /_nuxt/desktop/default/vendors/betting.media-233f5bf5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41bf"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0efbb79b144d315f9bddbc065983f84a-7052055ed44c8558-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:14:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7000), with no line terminators
Size
1.5 kB (1486 bytes)
Hash
f379bc6f4b94f34d96f6fe51159bee63
f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60
b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11

HTTP Headers

GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-67bb8603485709f2017815a3b3faecf3-74d54c2a0bb8000c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-07T17:11:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js

185.244.209.62

200 OK

4.7 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (16761), with no line terminators
Size
4.7 kB (4726 bytes)
Hash
fda91a0dd5e8251a0c4c540d7e54ed52
3c4a6e38286708cd62ff071ccf97e73f37200728
b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef

HTTP Headers

GET /_nuxt/desktop/default/betting.media-64ed71be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 4726
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1276"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1649766d5d1176ca09f53f90bf544cc0-10e1a1021ae370ca-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:14:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js

185.244.209.62

200 OK

7.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators
Size
7.4 kB (7381 bytes)
Hash
56a0eecb3ec4576e9abf6f8f3e2707f9
6ddfcb4b1669c1323d87906b720fe8e4c258c143
81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4

HTTP Headers

GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 7381
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1cd5"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-182b01cb385cc0962308a8cb318de160-72104bd3c2aafc55-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:53+00:00, 2024-05-07T10:11:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137

178.253.29.51

176 B

URL
1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
176 B (176 bytes)
Hash
ac86deb03def477abf768a8455c8aa90
87bbc45a47946c01a6f494da652c5b1940e4a62c
6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-461430.top/session-api/sessions/user

178.253.29.51

16 B

URL
1xlite-461430.top/session-api/sessions/user
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
16 B (16 bytes)
Hash
646b2e82b65602d35f7aa6283c387e3a
b163a70c5df8e4b0861a23a04f8a6f78393747f4
b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.1708736419678, wf-uht;dur=0.009
X-Firefox-Spdy: h2

1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en

178.253.29.51

200 OK

2 B

URL GET HTTP/2
1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=10.62, dt_total;dur=41.383, wf-uht;dur=0.052
traceparent: 00-b8938e2237cfae6192de7761ac3c5a1c-5d144d6d94c03c67-01
x-dt: 285
x-time-ng: 0.029
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css

185.244.209.62

200 OK

97 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
97 B (97 bytes)
Hash
9deb70dd3fbdc7061ed21c5632fbc55b
22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8
be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9

HTTP Headers

GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 97
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-61"
content-encoding: gzip
expires: Tue, 07 May 2024 16:27:42 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b028ea214d5ace6836762da48c333948-76b496a78f9803e1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T16:27:42+00:00, 2024-05-07T13:45:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js

185.244.209.62

200 OK

8.5 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (25972)
Size
8.5 kB (8520 bytes)
Hash
e30c678eadf7bd0fcc773e1599b97ddf
41243dc14d9eb2569fa832a3b8c27fc0158991aa
a4334d54b8db6d6eceb88c48ee428dfbb0ad3749d4137439f77859e205b52806

HTTP Headers

GET /_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 8520
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2148"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b358076a9106ed929762e8643b5882d9-8e5c99b8143d7693-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:30:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css

185.244.209.62

1.5 kB

URL
v3.traincdn.com/_nuxt/desktop/default/css/25e24e18.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (6262), with no line terminators
Size
1.5 kB (1505 bytes)
Hash
09f1bd90913ad83743065cc13ee3e0c6
0f1d49d4ddfccf474d882839c1ac901a8c1d91e6
b0222e16baaccc20a1143166da7715bbab586f1d8d8bebf26f91e98738a55a92

HTTP Headers

GET /_nuxt/desktop/default/css/25e24e18.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/css
content-length: 1505
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5e1"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a35c353e78b7fa567bc82d7149a117e2-583d2c0268c1fb1c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:59+00:00, 2024-05-07T16:33:54+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js

185.244.209.62

200 OK

21 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (20768 bytes)
Hash
05e740893c07a5cc45b5f0f2d787dbf5
28c364157e02ce207609bca53064a4b513e8bda7
a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e

HTTP Headers

GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 20768
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5120"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7f673f949728c06203f981e9a5edcc44-99c1ae26de4a05fc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T16:46:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js

185.244.209.62

200 OK

579 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1003), with no line terminators
Size
579 B (579 bytes)
Hash
54f54116f151f6469527d5f5c584887c
8078098cda5d50eeb285da4fc78655562f8324ed
8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb

HTTP Headers

GET /_nuxt/desktop/default/betting.coupon2-183c618c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/javascript; charset=utf-8
content-length: 579
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-243"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-37a5e3a1cf7808ce73a0e8967015dafe-3eff7efdcb69fdab-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

1.9 kB

URL
1xlite-461430.top/service-api/LineFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
1.9 kB (1918 bytes)
Hash
48ca19a613f6552e70681fe7e58e0372
9fc6501cbe1656304960e53ed586487e293fa997
510a3bd723d1091c4c9afe74992b1bc26b993472cc2a7d0e2bcb7d9cd37fbc41

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json; charset=utf-8
content-length: 1918
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:39 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/api/v3/bonuses/first-deposit

178.253.29.51

200 OK

486 B

URL GET HTTP/2
1xlite-461430.top/web-api/api/v3/bonuses/first-deposit
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
486 B (486 bytes)
Hash
6c497f6fefa1ff03d2b3f026ca9ea1b2
67708749c2923ee8fb64f119bfe6601df89cc754
62d6341764aac9fa45a7c7c304e969a0408d60f679d5142d0faa28e178d132c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=40, dt_total;dur=69.193, wf-uht;dur=0.083
traceparent: 00-a8529fd1d7200e7e1c6a7196462410ab-eeeb1a5b8d9a5959-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.051
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg

178.253.29.51

296 B

URL
1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
SVG Scalable Vector Graphics image
Size
296 B (296 bytes)
Hash
b1bf63d00887bb0354e9d89c7d790a01
2d64ab25c9afff682abd6732f62ba62a197e972b
a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg

178.253.29.51

200 OK

506 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
SVG Scalable Vector Graphics image
Size
506 B (506 bytes)
Hash
9c340eae608db0c25657b4a73d769afe
988fbf333a2e9290211cd9e6b7c98c59719012b0
b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js

185.244.209.62

200 OK

692 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
692 kB (691985 bytes)
Hash
15a662e2260d426acf65358c3704b4f3
a8655e71b906cd772974c3aeee4e52981b333147
6c10c8d6355287437c6d20888e8fd19214fd93ecf81feb3d888ff06908a0f14d

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/entry-414928da.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"2ff74ba461966e9ef07ec952168d3783"
x-amz-meta-mtime: 1714551564.679873411
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:40 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1b85ef51de735fe3618125ea751e260c-09c321425a221416-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:40+00:00, 2024-05-07T17:01:27+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json

178.253.29.51

200 OK

844 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
844 B (844 bytes)
Hash
eec4805fe0f6e17d5ade92a382f5b068
ca6a26fe8ea31e66c0bef88c4e7f489dce9f9a4b
b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.29.51

200 OK

23 B

URL POST HTTP/2
1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
70227593bbfb683f1559fbaaa514ffdf
9444446eed9f417ab2285fb506ae3cae49261774
4775938d518e32a5d671d76837f80f42e843dbea0f0ec59174e81af953a09998

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Content-Type: application/json
X-Lang: en
X-Uuid: 55a35bab-fadd-4aee-bb67-bc3438d8c495
Content-Length: 79
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js

185.244.209.62

200 OK

5.6 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (15997)
Size
5.6 kB (5562 bytes)
Hash
18f932fe4f53ce3de4a44b04b0524916
ed47f4f593c25b33012b0369c19883c23e7d3df1
c665029c63cfd9399be9c74e897668b621e3a6e690f0da69196f4c73c16f0cee

HTTP Headers

GET /_nuxt/desktop/default/vendors/DownloadAppWidget/modal.IplWorldInstallModal/modal.office.TwoFactorAuthEnableModal-74c102e0.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 5562
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-15ba"
content-encoding: gzip
expires: Wed, 08 May 2024 08:42:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-dafa004fad2347c07eefc9c71531ef84-5c86d236773046af-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:42:16+00:00, 2024-05-07T12:30:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css

185.244.209.62

200 OK

1.2 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5638), with no line terminators
Size
1.2 kB (1193 bytes)
Hash
be85f100312ee4f9396b6e89cbcb0fef
3934783d38d182ddcaccfdedbbe4fb65c266864c
06a9b859f60f7872c7beaa8286d3c1f45708dd0e1dee20f4c0d55c8719cc2983

HTTP Headers

GET /_nuxt/desktop/default/css/0e3e1e8d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/css
content-length: 1193
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a9"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:47 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-bb2eb2f101be0d24d23798f7b70415b9-8213fd672578ff79-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:47+00:00, 2024-05-07T15:29:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js

185.244.209.62

200 OK

4.1 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (12039), with no line terminators
Size
4.1 kB (4124 bytes)
Hash
d5bb5783c476219b31ce5582083fd74b
326b40532b72988c1d23fb931daabead75d18482
2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7

HTTP Headers

GET /_nuxt/desktop/default/DownloadAppWidget-b6662b37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 4124
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-101c"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-eaf96ea7185e4abc3883b624d472ae48-0911f9c842286577-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:35+00:00, 2024-05-07T15:29:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js

185.244.209.62

200 OK

2.3 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7751), with no line terminators
Size
2.3 kB (2295 bytes)
Hash
3078429361b9801527b7f4deb1ff2633
c0bf69639f54697d7fcf5ee8ed06072a629b3fff
3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a

HTTP Headers

GET /_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 2295
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8f7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2ad5c30a6f79981ce7ef16d6261cfde9-df1a1c8587a58c08-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:43+00:00, 2024-05-07T16:33:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css

185.244.209.62

705 B

URL
v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4705), with no line terminators
Size
705 B (705 bytes)
Hash
2b6cccff5325f6e14ccd6ec354319cd6
f4ec05fc468d3daddec1a3d825c29a55ce4b2050
a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38

HTTP Headers

GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/css
content-length: 705
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2c1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-05-06T14:41:31+00:00
traceparent: 00-395e1c0fa3d3ceb8c19255c51d1e29fc-9a59147226ce371f-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&country=137&virtualSports=true&gr=285&groupChamps=true

178.253.29.51

200 OK

19 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&country=137&virtualSports=true&gr=285&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
19 kB (19444 bytes)
Hash
1b4840c3446fd4a3e4e9d5c4623a4e23
81eb671e6e8d21871af78fc7fcc0be258e7c44c3
b6bd261263dbee5c2dcefdf55d79516e699782f4705d190e4111f368d46b3570

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json; charset=utf-8
content-length: 19444
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:39 GMT
vary: Accept-Encoding
x-time-ng: 0.065
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.080
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size14/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp

185.244.209.62

200 OK

722 B

URL GET HTTP/2
v3.traincdn.com/resized/size14/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
722 B (722 bytes)
Hash
f8e8c4556e51470e25e7be47de752ab0
b8b428bc1fd846e753253df800c5fc83e6b01ff5
3ab78e2d5071024e22da3dd03afff453b7b7eb93ad0f9821ceab2c2ab9911628

HTTP Headers

GET /resized/size14/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: image/webp
content-length: 722
cache-control: max-age=94608000
content-disposition: inline; filename="65e3e972954419765c3ce21698edf6cb.webp"
content-security-policy: script-src 'none'
expires: Sat, 24 Apr 2027 07:13:34 GMT
x-request-id: c4e7b9f3bd50cc54e7b3af67389423a6
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9decc2329af1a0af5241332f11a7d7d2-5ef45c00fbe786b5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-24T07:13:34+00:00, 2024-04-25T19:02:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/user/secure

178.253.29.51

200 OK

736 B

URL POST HTTP/2
1xlite-461430.top/web-api/user/secure
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
736 B (736 bytes)
Hash
0011583a54ede2f1e533f943bf0ebfe6
a7e80ca1a7873fef74eb68384df8e770ae2a58c3
27cb16522fdcecb66a13a13547a68b0af4e96ddd1530bffc7a3dccffa0ce1d1d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /web-api/user/secure HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=16, dt_total;dur=17.391, wf-uht;dur=0.030
set-cookie: _glhf=1715169355; expires=Wed, 08-May-2024 07:59:39 GMT; Max-Age=3600; path=/
traceparent: 00-41306ac83807c107b029d4100c854ce1-208b819a9f74ef75-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js

172.64.148.184

200 OK

40 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/81.9c6562bba5669b47.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
40 kB (39685 bytes)
Hash
81a90af6783cd4469f28544147bb818f
7a8913836534ef7ecb3603d914f37549d83e5a09
38e353bc8523950b447835839a8652778651bbed2dab0ab768dd6e8b157d1bf1

HTTP Headers

GET /_next/static/chunks/81.9c6562bba5669b47.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"8f42-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 657569
expires: Thu, 08 May 2025 06:59:41 GMT
server: cloudflare
cf-ray: 880791867dcd5693-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg

185.244.209.62

200 OK

3.3 kB

URL GET HTTP/2
v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
3.3 kB (3349 bytes)
Hash
f8290924f09d84a4b8daf98941aef9b9
25b16ae03ce15589f7bf6e869f9d13edccf65e6e
8edcce5b30f88a3421c4f4d7c4a94f6a60088da58997ca43031113a6244b5577

HTTP Headers

GET /sfiles/games-images/game-animations/game-316-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2024 08:41:20 GMT
etag: W/"0db44d13e7a50cd2da8dd47ff024f1cd"
x-amz-meta-origin-date-iso8601: 2024-01-12T15:48:06.000Z
expires: Tue, 07 May 2024 00:00:59 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cb641d3d2e32856e43154eaba1291359-5a020c658a154832-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:00:59+00:00, 2024-05-08T00:43:15+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json

178.253.29.51

200 OK

473 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
473 B (473 bytes)
Hash
e67aa19ef00fd2285c7b4ecbb6018306
5b01d4786d6fbfbd5de7901eb4359a55466f434a
135c1042c31e3674d8a1b3b9e7179f4f36868048ca6058ea458ff291b8880b5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/c6fd0f94684461b018b5d68900173ba3.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
content-length: 473
last-modified: Tue, 06 Jun 2023 13:22:27 GMT
etag: "e67aa19ef00fd2285c7b4ecbb6018306"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json

185.244.209.62

200 OK

95 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_full_en_0.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
95 kB (95253 bytes)
Hash
a8e285cc23a49da57295b2a48c31ca14
5c0b53f757044908a8895b96d30e8d46fc89567b
d305bb5f3471f96fef964eddce402949037dfe25dacbe4c4db99c79ec4d0abbb

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_full_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:58 GMT
etag: W/"65c4f8441dea9f78c50a9fc7029f9193"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-149f9a2f285bf7d4f588122c38054429-5b608df5b151d2fa-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:43:17+00:00, 2024-05-08T06:34:30+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg

185.244.209.62

61 kB

URL
v3.traincdn.com/sys-icons/1.0.328/285/coloredSvg.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
61 kB (61140 bytes)
Hash
3b7dd56385ba5240150249586e0a8c13
8eb5d0901ffb0a11b237e81daade2350c2095c03
bccad2d4b507866f3f3d3e67927af8a4fe8e4cb371d13fa4804ea6cc0b98f3fd

HTTP Headers

GET /sys-icons/1.0.328/285/coloredSvg.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"fd241a06afa4bae60c4bbab7fa1a9a5b"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:11 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2ad82a009528d96661b78cfbc62642c2-8d5b24a83005541b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:11+00:00, 2024-05-07T13:24:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json

178.253.29.51

200 OK

167 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
167 B (167 bytes)
Hash
03158ff80c6e448da55d5672eb032b77
fc39a273b30415c7431f21fecdc4a5bf2694c7e2
e584a61ab508b69c5b9a4ab2e4dd86e3b7e7094547c4739d048ab1f639a8025c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9b68ddfb3774b1a7929de6e484aca49a.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
content-length: 167
last-modified: Tue, 22 Aug 2023 06:44:19 GMT
etag: "03158ff80c6e448da55d5672eb032b77"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ba535914db3ddc8eb4cd9c33970f985.json

178.253.29.51

247 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ba535914db3ddc8eb4cd9c33970f985.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
247 B (247 bytes)
Hash
79ed9f5ec44ed7e9046a1f856c311fe6
07ba52cb4b6a17d25b51a7043e0efcfdee4d142e
1762a2918f104e460c0a14e51f0827de5ba34d3258f791e00e175fc6f215f804

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9ba535914db3ddc8eb4cd9c33970f985.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
content-length: 247
last-modified: Wed, 02 Aug 2023 12:48:41 GMT
etag: "79ed9f5ec44ed7e9046a1f856c311fe6"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js

172.64.148.184

200 OK

46 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
46 kB (45911 bytes)
Hash
9d83f683cacf2dd1b5ae5f476a07b5d9
ebf5de956fb1990d7c04dbcb7e1ad37a57748f3c
ac929e8e8b7458048e905803888825bf2e67bd6c8765aa11c82dc92851a065dd

HTTP Headers

GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 11 Mar 2024 06:37:37 GMT
etag: W/"22695-18e2c3b24d9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 649225
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917efd485693-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js

185.244.209.62

200 OK

504 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Java source, ASCII text, with very long lines (503)
Size
504 B (504 bytes)
Hash
5387051085dcc459e7077d5d8000b85d
d22afab6c65228f0056f66e4f150783f6014e36b
34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "5387051085dcc459e7077d5d8000b85d"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1dfacae1f8faaffadc5559e7a3f4138c-58699e0453d1037b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-07T19:42:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/checker/redirect/stat/run/

178.253.29.51

200 OK

12 kB

URL GET HTTP/2
1xlite-461430.top/checker/redirect/stat/run/
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
12 kB (11830 bytes)
Hash
741934b89418d344f6b45d01fe7ddae7
2875d1bff3ba4850c36d335664cb596c17eb6fcf
488059f86ea7968767b02087d83b3e500aa5b3686e6b2522d967ff80eb6c6af9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
x-time-ng: 0.001
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/registration/fields

178.253.29.51

16 kB

URL
1xlite-461430.top/web-api/registration/fields
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
16 kB (15639 bytes)
Hash
3b5fc74c6bee5ffbc649f663e5f6c1a3
0f00adb4eb180726ecd2abcc2317a29beceb13bd
fe1005c8a0940ff6384b2b89aa744d692b9aed79f1d72cecfa11d1bb11fa7294

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /web-api/registration/fields HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 19
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=84, dt_total;dur=86.502, wf-uht;dur=0.101
traceparent: 00-e9082090af66a5afb06717d136edb831-2dad51f25baadba9-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.086
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-461430.top/bff-api/config/all.json?lang=en

178.253.29.51

36 kB

URL
1xlite-461430.top/bff-api/config/all.json?lang=en
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
36 kB (35973 bytes)
Hash
f4401bb4d010c4763c96028a0a107b24
a6d4e80eb1ef1059dac2dd3c019c72fd29a94d63
c99ca6ebb9123a2b284a5182cb1e702d3c34a75a8c3679023d397b487113993d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /bff-api/config/all.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
x-geoip2-country-code: ru
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=4.66, dt_total;dur=47.998, wf-uht;dur=0.064
traceparent: 00-aa8e1b48a52303bada2a3f1d0a5d1f64-13461b560f7338cf-01
vary: Accept-Encoding
x-cache-expire: 594
x-cache-hit: 1
x-dt: 285
x-time-ng: 0.031
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/RefGameService/FindMainLiveByLineId?id=211655412

178.253.29.51

200 OK

253 B

URL GET HTTP/2
1xlite-461430.top/service-api/RefGameService/FindMainLiveByLineId?id=211655412
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
253 B (253 bytes)
Hash
edb4db981ea791f95f9777ced49e1aae
1db6d37a41bad7def2d9206f04c007d8e0b6783e
3a7381a3d430fc7afc1fcd7f53fabcffb2bd87d90ea2856f17bb0261fa57a0dc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/RefGameService/FindMainLiveByLineId?id=211655412 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 253
cache-control: private,max-age=5
content-encoding: br
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json

178.253.29.51

200 OK

413 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
413 B (413 bytes)
Hash
338264fc869e8f0b86b0d6c9d92102b0
83b4d35816df0e1486b766251e74d23f28b77824
015355a44429f40dd63b566dd1e9b1b76af3dfa28dcd25a43e82820ba0847b8d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e146d07dba2ed6087cb9b401ce8b1b43.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 02 Feb 2024 08:33:56 GMT
etag: W/"338264fc869e8f0b86b0d6c9d92102b0"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.330/285/sports.svg

185.244.209.62

200 OK

173 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.330/285/sports.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
173 kB (173134 bytes)
Hash
52f4187d477e930f8ccb6127cf0e57ed
8653f04d99ede2295042b311d83318d207443776
d49a3ee1f58215a9254cd2827a83d1c43e394cd29fce6a5ebeb9f30bf6a83af2

HTTP Headers

GET /sys-icons/1.0.330/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713260458.138664539
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:13 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-174e7f5389e3a84a3133ea3926713c71-e52bab8a49396f36-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:13+00:00, 2024-05-07T22:05:27+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js

172.64.148.184

2.2 kB

URL
widget.suphelper.top/_next/static/chunks/webpack-fb94d2f19425a3e3.js
IP
172.64.148.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
2.2 kB (2215 bytes)
Hash
d7eb526e94046bae9cfcb7ed2734cd8b
50ec3488955fa6fbd82c198853c1be65a99d3b7d
1ea553aa7224a6ac052f19fb70929fc03fee8c77b9f64c94ab9cf40c5bec64b9

HTTP Headers

GET /_next/static/chunks/webpack-fb94d2f19425a3e3.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"ed0-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 649225
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917efd435693-OSL
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.5 kB (1475 bytes)
Hash
43710f66d95decaba33e8ca3641e6a4b
01eed6744edd91dc262e7bfa526fac538190fc64
6bde5bb61f7753c0279e62f43adb97157e9ec7557bb03f98604a6b15f23094c0

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"942da12c1a44ccf257f6ea3e09ed3175"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f58e88d9a17730337131ebad13febd7e-55d17992a8d91006-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ca4afaee0b24.css

185.244.209.62

2.1 kB

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ca4afaee0b24.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
2.1 kB (2099 bytes)
Hash
7eb64fd7d755fb322b77d8b73ed04899
c81503e37efe27b5762cbba59a2a97c2e2297e91
40e3fe1f974e99e20dbb26b235dab8f6a9482134fe25f8c30afcb893c7576b58

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ca4afaee0b24.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"b983d54b397dc3b958e795bda594ea1c"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 12:39:35 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e68769a17fe3d34951ad590f7ff3ef83-ebeff85a973915ef-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T12:39:35+00:00, 2024-05-07T17:30:56+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715151579

178.253.29.51

243 kB

URL
1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715151579
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced
Size
243 kB (242856 bytes)
Hash
cc3b119a5d4ad9a24b532b92594170fe
0cfff81b4cdd69f7eb2904d98b3ca3c3d7dee830
5c068d893379a7fbd8196d9e751013d23e8bef09192330ac7d2b4661167d1ae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/default/img/icons/pixels2.svg?v=1715151579 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=20, dt_total;dur=21.157, wf-uht;dur=0.034
traceparent: 00-8b44c147b8fece3f4f9c0856d59c4237-5d86149cec8ec75b-01
x-dt: 285
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css

185.244.209.62

200 OK

415 kB

URL GET HTTP/2
v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
415 kB (415145 bytes)
Hash
c1c8567834d3f9d919d855eb090fbcce
f013eef27b8972fc65319d6870ef504c7c46d70b
10c3ea57b9049b9f438546fa006c1c8c92018c28c624b23f45103671486632c9

HTTP Headers

GET /sys-ui/3.2.2/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:16:19 GMT
etag: W/"e4b8405071f7ea0e1aa13cd501543a44"
x-amz-meta-mtime: 1713521458.745453226
content-encoding: gzip
expires: Sat, 20 Apr 2024 11:51:17 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0c2f06d920f7b5211804b401d973ad75-73f274b3f80a9727-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T11:51:17+00:00, 2024-05-07T14:34:20+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/desktop/media_asset_sub/ce38b0871c0a49195d06248995ecf4e6.webp

185.244.209.62

200 OK

32 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/desktop/media_asset_sub/ce38b0871c0a49195d06248995ecf4e6.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1380x224, Scaling: [none]x[none], YUV color, decoders should clamp
Size
32 kB (31464 bytes)
Hash
64a829ef40c07c7255a92a546ffe6412
31b23381d5bd3d0c0326daad22b6f550d866e5d7
004a2a3c1d0a6e3c5c3fa5beaca666ad70b4c6cbd960395f5b0f5801a404e151

HTTP Headers

GET /genfiles/cms/desktop/media_asset_sub/ce38b0871c0a49195d06248995ecf4e6.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: image/webp
content-length: 31464
last-modified: Thu, 25 May 2023 08:53:21 GMT
etag: "64a829ef40c07c7255a92a546ffe6412"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-25cd08176be28e9d41a2ce1cc0f73aba-d8cb75c17af3cb5b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:08:42+00:00, 2024-05-08T06:07:58+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

67 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
67 B (67 bytes)
Hash
356a755160619fcbe850aae01879e375
29192606f35c2b9f929939371b89044e2fd787e7
6b3c8c41f9f19e4f639b40ea002af843f5219ed9abe7d4398c7edb4648f89a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 67
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:42 GMT
vary: Accept-Encoding
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json

178.253.29.51

200 OK

543 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
543 B (543 bytes)
Hash
2f999350fc2eea344d910e8a01de406d
bcfeaa8fadc7ca87115d7e36c955bd0df504b8ad
c73c55fa3a522662241013a108e6043dd4cde3fbfa2be0ed4a4940582e26ed36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/aa6acd622b31a2a6ee8785b888acb885.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 543
last-modified: Thu, 29 Feb 2024 14:14:28 GMT
etag: "2f999350fc2eea344d910e8a01de406d"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js

172.64.148.184

200 OK

883 B

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_ssgManifest.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
883 B (883 bytes)
Hash
401e9b88e212c156aa4af2b5fb0bf8d7
d683b22ee239f92670f1569d65f8413732e9ab89
27e70c151946cde5ae641acebda8e924679e2c1c9431e4c93e2d11ad3bb24eeb

HTTP Headers

GET /_next/static/f385e6db/_ssgManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"4d-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 517930
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f1d6e5693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a5fb58ca69bd2b0d9a96f3c4ff095767.json

178.253.29.51

66 kB

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a5fb58ca69bd2b0d9a96f3c4ff095767.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
66 kB (65991 bytes)
Hash
f0ceeb93fa2f908d3011bd1917234b90
8bba1dd5af86d245b6a8bc6a2789f4ff24333001
d7d000daefcd0de58430585b22ac4d776cf8500964b140356dcc5c98a7e0273f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/a5fb58ca69bd2b0d9a96f3c4ff095767.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 26 May 2023 16:17:19 GMT
etag: W/"f0ceeb93fa2f908d3011bd1917234b90"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json

178.253.29.51

182 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
182 B (182 bytes)
Hash
e4c69ca8e3916987138c95a26642f53a
411149ef1233c191122618916dc7fa4965a30f7c
9bbbe99b83a20d3d0bd65ab0b343de560c6d437a74a4835786bbd6a58bb0e08e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/aecbb538226cb01dc9a85286edcff171.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 182
last-modified: Tue, 11 Apr 2023 17:53:40 GMT
etag: "e4c69ca8e3916987138c95a26642f53a"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js

172.64.148.184

200 OK

1.0 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_middlewareManifest.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
1.0 kB (1020 bytes)
Hash
93612a234bf101c7d90e5bd6b3c8ed2a
7ed84a2f49371cb8c01fd70a953905bb4149c1bf
0745028b41a3a27afedd95068ff49c5c931b5d69fb307f5e2270e8098f1d6cfa

HTTP Headers

GET /_next/static/f385e6db/_middlewareManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"5c-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 517930
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f1d705693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json

178.253.29.51

184 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
184 B (184 bytes)
Hash
36777c63209967831ddd2926e229b69b
7a59de3bd5fd0406a1becbd4fc6bdb49a996a0fa
c2087429233dc14f1ad96cf9b7d1f4ecf0f32fabab7fc37999644a488d10dbc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/deee851bab70137a6ff846c91be5a425.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 184
last-modified: Thu, 09 Nov 2023 06:22:56 GMT
etag: "36777c63209967831ddd2926e229b69b"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/dc5d190996ae45dfea78e34261413044.json

178.253.29.51

200 OK

349 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/dc5d190996ae45dfea78e34261413044.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
349 B (349 bytes)
Hash
946a6ec7822e4a0488b1b37257a08f44
64bfcd5d5b44c7f8b99cd9c749ffbda903156860
e25731577d1975202883680e65d61f5ccc3f74509baa90f2b06086e01f04915d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/dc5d190996ae45dfea78e34261413044.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 349
last-modified: Thu, 20 Apr 2023 10:23:24 GMT
etag: "946a6ec7822e4a0488b1b37257a08f44"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa5b82508b9b78c615c87b4fce50b5cd.json

178.253.29.51

254 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa5b82508b9b78c615c87b4fce50b5cd.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
254 B (254 bytes)
Hash
e98ab276a935ed5ddb1d9f62601846cd
8ff1502abea960ceadb3a30d8d0151496e9b3195
281c4303a3fb17867fd7495ccbd75390a5a7710609cb2e002eea3b008fd3e987

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/aa5b82508b9b78c615c87b4fce50b5cd.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 254
last-modified: Mon, 05 Jun 2023 11:45:03 GMT
etag: "e98ab276a935ed5ddb1d9f62601846cd"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/statistic/api/v1/Status/1/530091694

178.253.29.51

200 OK

1.0 kB

URL GET HTTP/2
1xlite-461430.top/service-api/statistic/api/v1/Status/1/530091694
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
1.0 kB (1035 bytes)
Hash
9d1238f0b854c7ba8042dd674f07ccf6
e72f340d31fa59d25934484157bbbeb26015333e
546a88e59505b761ca720e4e4598781c48a1e644b96be617e3be0ee85aa4c16c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/statistic/api/v1/Status/1/530091694 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json; charset=utf-8
content-encoding: br
vary: Accept-Encoding
api-supported-versions: 1.0
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/21693cb8e300994c5e11861095082440.json

178.253.29.51

200 OK

718 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/21693cb8e300994c5e11861095082440.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
718 B (718 bytes)
Hash
b3f49765f8391c5fa72014c71f6c80a2
ca7d0bbf9982462654f4bcebb16990f492070217
3602e0757e12119f95edde68c94ea7ec8891bcf493b12fe0bad54e9220c596f2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/21693cb8e300994c5e11861095082440.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 718
last-modified: Tue, 31 Oct 2023 09:19:23 GMT
etag: "b3f49765f8391c5fa72014c71f6c80a2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ef34944c28aa3f892589e2b88eda81af.json

178.253.29.51

200 OK

252 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ef34944c28aa3f892589e2b88eda81af.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
252 B (252 bytes)
Hash
92c62473a8c3ca07502fb3545c3da382
df3c12532e3e88cb62403860989434fe036a7b0f
51db21dd1a334070c9921a4b950f511ee56d6b50994eee1fe74498c840b37945

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ef34944c28aa3f892589e2b88eda81af.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 252
last-modified: Fri, 08 Sep 2023 07:33:51 GMT
etag: "92c62473a8c3ca07502fb3545c3da382"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/73ca1af67e7f842114b510958deb349c.json

178.253.29.51

410 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/73ca1af67e7f842114b510958deb349c.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
410 B (410 bytes)
Hash
8c10213a7a824ea7d0c281e60157f4bd
7f9cb14aa6b1faa461ba28b25b6b5231864cca3e
0d876007c13578287e220139bf887da1282306457953ce5d2eb946689daf9781

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/73ca1af67e7f842114b510958deb349c.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 410
last-modified: Thu, 03 Aug 2023 06:57:23 GMT
etag: "8c10213a7a824ea7d0c281e60157f4bd"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/2a47f0a9f650f9153131a19cd8b0c976.json

178.253.29.51

200 OK

171 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/2a47f0a9f650f9153131a19cd8b0c976.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
171 B (171 bytes)
Hash
0c11e9a817e806056c3e4fb21f2576de
73f6c4a3d057b9120f2b523da91252870cf40d3b
07b66bbff483ee7002e2285e4d8fd33dbb8569119d3e38fcf623f846b33e8c22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/2a47f0a9f650f9153131a19cd8b0c976.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 171
last-modified: Wed, 02 Aug 2023 16:49:02 GMT
etag: "0c11e9a817e806056c3e4fb21f2576de"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa1008aeed92b528cae74cfbb9e28ae5.json

178.253.29.51

170 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/aa1008aeed92b528cae74cfbb9e28ae5.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
170 B (170 bytes)
Hash
44190be14fa1d804fcd1ce7a92baddb7
96acf8f8845be0e5d005ff237f98fafa824e91d8
37edcfbf2adb609c4b20701db465f868fb9f3767c3c82ea2146bf1d97733d183

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/aa1008aeed92b528cae74cfbb9e28ae5.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 170
last-modified: Wed, 02 Aug 2023 17:36:49 GMT
etag: "44190be14fa1d804fcd1ce7a92baddb7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js

185.244.209.62

200 OK

1.5 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
1.5 kB (1509 bytes)
Hash
64c802be7c88e1781e30934950bb178a
847df8e6fad04a0671b0c32395b714867d85de65
2a8ebbceb3295e37fcb7fc0bdfe46b325c155b523e52ee56b99c7241f1712ac0

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/d492f4568b81.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"1ca49088b69c49762c2b4dab10ebe060"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0dca35cd72fb1658c9a12c67a10e466e-fd73f594d84c86a5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js

185.244.209.62

14 kB

URL
v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
14 kB (13641 bytes)
Hash
9932ff70f295b9a878f34b00cc38d768
ccc253197980a112e9dec83c46bb244cb50d6046
07f33a05cca4cd3ef245dc4e2c4dfa9b3a69a878377bae21ae92f1aeb97bc35b

HTTP Headers

GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:12 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7066b8e475ff22e40d85ecece776f02f-36a8e7ce75dff43e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:12+00:00, 2024-05-07T16:01:01+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json

178.253.29.51

8.4 kB

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
8.4 kB (8361 bytes)
Hash
5964e3e4fd5fa89ee9aee228e1572aa9
a2496d82f9dd777e1095c853e4fe281f33ce131f
6483a840daa604ea63da72f2defeb1cc09e4e4ee09243966f7d7ba49e351e940

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/6383baf4fc61037b3c4990e9b55f947b.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 05 Dec 2023 11:58:07 GMT
etag: W/"5964e3e4fd5fa89ee9aee228e1572aa9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css

185.244.209.62

200 OK

180 kB

URL GET HTTP/2
v3.traincdn.com/sys-ui/2.2.11/Desktop/Default/client.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
180 kB (179823 bytes)
Hash
0a352f9e8e5211a0f8c0acd243f03ac2
623a9b0a49a8299fefb92361dc00bf4fc40327b5
4cb60050d53da8f646d70e05454e3ecbca91224d206e09f7f3c4f34777bbdbd2

HTTP Headers

GET /sys-ui/2.2.11/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css; charset=utf-8
last-modified: Tue, 23 Apr 2024 11:41:52 GMT
etag: W/"5be31e73f9aaf3c05331c4f0cd80e4d9"
x-amz-meta-mtime: 1713872392.088051093
content-encoding: gzip
expires: Wed, 24 Apr 2024 14:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.008
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-da0aab86a48251287558fdccaed4dd18-183ab65afdbfdd67-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-23T14:28:29+00:00, 2024-05-07T14:49:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en

178.253.29.51

200 OK

645 B

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
645 B (645 bytes)
Hash
99623f54858431c8921356c88d616841
0616137e833c0b509113f6074ff5be7af45db8d5
15a92c4459593382ab2e031a05cd9a1d09e21866a4ad4cd21050542d33c278fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json; charset=utf-8
content-length: 645
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:43 GMT
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js

185.244.209.62

933 B

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
933 B (933 bytes)
Hash
1c6d7b4f5fdf854ea6d287b1f20db8f9
0c9cb24905492e3aeb3bd0a4d52239721d724c06
176c2c50242869b228b1be2c81eb585a8b1a6246e5742f1b78c6d5c748c42132

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/f44f14b6b316.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"22e67b67b6c959d57aa78ae317120f36"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ff0e14752d24ea992144ffee969885d6-a98dc66b5695e8da-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

200 OK

2.3 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.3 kB (2279 bytes)
Hash
3bdc8cef37db60440c09b3d93444a952
ba03cd9ade85430f59d69b47fcaa755f6df0dca8
76f95a955db3cbe2c5e82863bdce97bf89b59045bf73d9c9875ce2df686aec0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:44 GMT
content-type: application/json; charset=utf-8
content-length: 2279
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:44 GMT
vary: Accept-Encoding
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

200 OK

259 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
259 B (259 bytes)
Hash
2bc6a7dfea22a69ab35946463edf2753
94716f276d6696366c18b065a2c6ef638a28c89f
5adc56c5dd4970cc93251ab69b375b2e3d3a1767ddccdc6ae510a29362a37115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:44 GMT
content-type: application/json; charset=utf-8
content-length: 259
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:44 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

200 OK

4.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
4.4 kB (4386 bytes)
Hash
cc2fb309b2b919b05146dd833aa3a310
c75160f0a37c5a4a0e9db66b914d8166750fe9ac
291d9c8da64469d8187308c29a4c5c72e31b5444038199259bcf7ef8f709dd97

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:44 GMT
content-type: application/json; charset=utf-8
content-length: 4386
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:44 GMT
vary: Accept-Encoding
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.018
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/external-api/config/getVideoAccessConfig

178.253.29.51

200 OK

17 kB

URL GET HTTP/2
1xlite-461430.top/web-api/external-api/config/getVideoAccessConfig
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
17 kB (16720 bytes)
Hash
cb0bc8eedc642fc591c0eef57e6c67e5
6c62aeececef0a5ff474bb21bf569ad8d48f6bd0
c57136f602923fc19534e58f7da5a483616d80031222372e19a29fd6f22b0a0e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/external-api/config/getVideoAccessConfig HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=20, dt_total;dur=22.055, wf-uht;dur=0.034
traceparent: 00-7c8c762a8d2d9d24f5ba5ff0b27b168e-00c7365b570e167f-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/7cd60910516beb3b6f7ce4b87fe18f33.webp

185.244.209.62

642 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/7cd60910516beb3b6f7ce4b87fe18f33.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
642 B (642 bytes)
Hash
d2bcf6bebf33d73efc3768edf2c596b1
e4610d7939076d8e7a3b9be74c898ce92e0f00a8
fcdf180ddb068fbe10d3e719063a58e68efe334b11cb5d661817217b3a440cfa

HTTP Headers

GET /resized/size16/sfiles/logo_teams/7cd60910516beb3b6f7ce4b87fe18f33.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 642
cache-control: max-age=94608000
content-disposition: inline; filename="7cd60910516beb3b6f7ce4b87fe18f33.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 01:57:40 GMT
x-request-id: fd3df74a64fd43f9be0efff70ba55303
x-time-ng: 0.053
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cae486c002172aad97d3ac03c0ab687d-2c78154f119c3d45-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T01:57:40+00:00, 2024-05-08T05:57:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/beac5392590d1b4d5342cd3a84b891fc.webp

185.244.209.62

200 OK

804 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/beac5392590d1b4d5342cd3a84b891fc.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
804 B (804 bytes)
Hash
3b506774c007b3942d3b3fa56815f99a
4814ebffff72c15e2901a6e4d63aba9a12ebd7b1
333b4c36b2e7f34903b14386db4d4154a33e9ada001ada0a7c082392139eb7c2

HTTP Headers

GET /resized/size16/sfiles/logo_teams/beac5392590d1b4d5342cd3a84b891fc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 804
cache-control: max-age=94608000
content-disposition: inline; filename="beac5392590d1b4d5342cd3a84b891fc.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 01:57:40 GMT
x-request-id: 5c8c11e92a1fe0f763bde8b2a72acf3d
x-time-ng: 0.080
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a9ce865f40212a6da433d2fe038eee84-e36f3cecc4856efc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T01:57:40+00:00, 2024-05-08T05:57:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js

172.64.148.184

28 kB

URL
widget.suphelper.top/_next/static/chunks/7413e8b9-8adee4b5b5407a55.js
IP
172.64.148.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
28 kB (27868 bytes)
Hash
6ebda2447327e01b84a18e7d023ada3e
dea23d5d7ea625f38abb4b98d2ae321812898e9c
59b930443430129498c3b32ed0b98f9eaf03ad59a7efec0937d77bc23eadba2a

HTTP Headers

GET /_next/static/chunks/7413e8b9-8adee4b5b5407a55.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 22 Jan 2024 07:49:06 GMT
etag: W/"12fe9-18d3024f9c4"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 649225
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d5d5693-OSL
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/569a03e5a72d5c6c6e99759a8434f9a0.json

178.253.29.51

200 OK

5.4 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/569a03e5a72d5c6c6e99759a8434f9a0.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
5.4 kB (5443 bytes)
Hash
13256f675a6331a94efab4982cf40e7b
afae37f35cc527f5445770a22b0a66334c3a2dd6
69c0982bb2ce8af5bb0c27095273ecc1e061f5b59f8262e8719e2ec36138e1f0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/569a03e5a72d5c6c6e99759a8434f9a0.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 26 Mar 2024 16:16:06 GMT
etag: W/"13256f675a6331a94efab4982cf40e7b"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.330/285/common.svg

185.244.209.62

200 OK

61 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.330/285/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
61 kB (60572 bytes)
Hash
4124bae82bb8fe1be94fc77fdd3369ee
3382f709c593994b8b3773539745d05e18143b97
5d9835d1b26e136d69be8332d2bfd6d2e59cd2342704bdd0560a8a84bd583772

HTTP Headers

GET /sys-icons/1.0.330/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Apr 2024 09:41:01 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713260458.134664491
content-encoding: gzip
expires: Fri, 19 Apr 2024 12:42:12 GMT
cache-control: max-age=86400
x-time-ng: 0.001
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7738c9cba5de918d791654b5bdb65aa9-3059cc9fa49bd408-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:42:12+00:00, 2024-05-07T15:30:09+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/f385e6db/_buildManifest.js

172.64.148.184

200 OK

6.6 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/f385e6db/_buildManifest.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
6.6 kB (6613 bytes)
Hash
18bd4d8854e6419435dc29d2e12b3a7a
40d80215c405cecb784e96408e01fc8aaae13b6a
a3f94ab581410432b0ed52e4eba5e5e9c998d6160f58b04523f8539544dccdbe

HTTP Headers

GET /_next/static/f385e6db/_buildManifest.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"207-18f381bf92a"
vary: Accept-Encoding
cf-cache-status: HIT
age: 517924
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d6a5693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size14/sfiles/logo_teams/29fd72c1408994a278ef99730c411356.webp

185.244.209.62

778 B

URL
v3.traincdn.com/resized/size14/sfiles/logo_teams/29fd72c1408994a278ef99730c411356.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
778 B (778 bytes)
Hash
811a8fe889dad0706bfb7dcc4665f2a4
6a1beceaaafb049efeb792d48dcc4d791467178c
9dc19d7c3c7b2ddd6a095b0242aec1b21730a366aa50ad63e31c414bb05363c1

HTTP Headers

GET /resized/size14/sfiles/logo_teams/29fd72c1408994a278ef99730c411356.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 778
cache-control: max-age=94608000
content-disposition: inline; filename="29fd72c1408994a278ef99730c411356.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 06:02:59 GMT
x-request-id: d1a900900f7c0a70c27dd845ea56145a
x-time-ng: 0.029
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c6056adf54bd5bd8a0a77e9ecfd74ba5-74a79a2acce45a6f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T06:02:59+00:00, 2024-05-08T06:34:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_6.json

185.244.209.62

200 OK

4.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_6.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.2 kB (4179 bytes)
Hash
fe323eb689bd9f769cbfeb2e6bfd04d5
6a18440c2fdc669a1e7b5b6c115b700d436b1a3d
23593ca822b7ec96767d95de4241be42acac5ece6850a5f4dcc833c7dea09361

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_short_en_6.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"61cee991faec759fa5b74147af9fa391"
content-encoding: gzip
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ef7024d3de69bfc6b716c335b840556b-3ae89133e2bb7cc2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T14:55:37+00:00, 2024-05-08T06:51:01+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js

172.64.148.184

200 OK

30 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
30 kB (30258 bytes)
Hash
b11d66f3536a162132d8cbffb2bc3f1b
95fd17d9b032d521dc08edc88d18d17a06b73a97
9030156c27cd5c9119a17d72e51bb14fd65a1fbe0165a96c4b8f4eadeeced221

HTTP Headers

GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 643665
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d4a5693-OSL
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/648a21a.css

83.147.204.194

200 OK

318 B

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/648a21a.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (318), with no line terminators
Size
318 B (318 bytes)
Hash
e3478d364dbd32245594c99d2c172db8
450e3d809549edd549945243fb2acbac13b6ae2d
8c14d97f27235e4e42b0c2c37394f1fc044cd854f008df70c9132e0459695e9d

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/648a21a.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
content-length: 318
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: "e3478d364dbd32245594c99d2c172db8"
x-amz-meta-mtime: 1714822493.669209021
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/eec4982.css

83.147.204.194

733 B

URL
eventsstat.com/statistic-app/sys-static/desktop/default/css/eec4982.css
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (733), with no line terminators
Size
733 B (733 bytes)
Hash
f1a7603a2ad1c1e611e0fb0bcefb4701
101db4b8f65d093d07b2400edbf54e677cef65aa
a8ab70d284bf4a000b13c931ace9912c1b42af9e5846c17a1aa5d050f712e5ab

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/eec4982.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
content-length: 733
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: "f1a7603a2ad1c1e611e0fb0bcefb4701"
x-amz-meta-mtime: 1714822493.665209092
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/e59bca1.js

83.147.204.194

200 OK

354 B

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/e59bca1.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (354), with no line terminators
Size
354 B (354 bytes)
Hash
4c46b2cb54d616fa15d8ffbed51b7559
64cc8f65ca56af674398bf7df9faee34fe28fe4c
df2771d83a9c112e584085a24c210c8223349b4e5a6dfdebd18b79f251c5d0de

HTTP Headers

GET /statistic-app/sys-static/desktop/default/e59bca1.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 354
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: "4c46b2cb54d616fa15d8ffbed51b7559"
x-amz-meta-mtime: 1714822493.669209021
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/637bf31.js

83.147.204.194

200 OK

365 B

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/637bf31.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (365), with no line terminators
Size
365 B (365 bytes)
Hash
048c2f63f9b9e5daf4059b765f6e0672
6abe57c90cf7bbbb6e5a18a1b9fd5c14bd7458aa
c41a9790fa2c5b58ac7c95fbbc8ddccade234bd65213738ecf97f17adfacae5c

HTTP Headers

GET /statistic-app/sys-static/desktop/default/637bf31.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
content-length: 365
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: "048c2f63f9b9e5daf4059b765f6e0672"
x-amz-meta-mtime: 1714822493.665209092
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9f31d0733e989f43142479113dd9bbe3.json

178.253.29.51

936 B

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9f31d0733e989f43142479113dd9bbe3.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
936 B (936 bytes)
Hash
10c1115006acc1794a4b29455feadbeb
b611d351416ec819b38a130ee4621879481a551a
ea21299773a7fb7d631c4f6b0369f0d2e0fbd8a58718260aa981257b16b5b031

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9f31d0733e989f43142479113dd9bbe3.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 07 Dec 2023 11:53:55 GMT
etag: W/"10c1115006acc1794a4b29455feadbeb"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/674665b11997.js

185.244.209.62

308 kB

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/674665b11997.js
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
308 kB (307667 bytes)
Hash
74f884400ed9034f9c3a4e9a6eaec943
6317e287e3494aa9f11d127d4ff41967497bf8e2
53082470aa4037a66c23d0d737d0d0e0b78ea1e41207e38b40cbe17edd8bb2de

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/674665b11997.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"4f4ecf4f95b6f6cf4fb1edad67c10f95"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:25:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-deb4ba6978d1da76f4bbdea45c593c68-c4d33eb782ebbbbc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:25:02+00:00, 2024-05-07T19:03:43+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json

185.244.209.62

200 OK

4.6 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_0.json
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
4.6 kB (4596 bytes)
Hash
252649ba7cd0a106333f813c4f5f81e7
a066b10342170cc093a688735e4fe0cf5448e986
fdb1fa86ce7f43b374b179dc1974318825e05c5ce4211ff67b114bf32c185650

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_short_en_0.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:44 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d3e39abc76f19e176765d21ac9e70c5c"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d28b4fc2853287874c2808739a0c5294-95f05dbf635479b3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:49:13+00:00, 2024-05-08T06:47:28+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/d1a388459345ba7f328341bd4127c43a.webp

185.244.209.62

200 OK

860 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/d1a388459345ba7f328341bd4127c43a.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
860 B (860 bytes)
Hash
c5a08c6c4fe3f9979cdfa51801831b10
3eb8f84a3c1b77f199c966d0a0f10dfc1e260bef
6fa47ef0518cf1e4fecbd98580574e881ff43ac33057cdc32aaea026829e3a62

HTTP Headers

GET /resized/size16/sfiles/logo_teams/d1a388459345ba7f328341bd4127c43a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 860
cache-control: max-age=94608000
content-disposition: inline; filename="d1a388459345ba7f328341bd4127c43a.webp"
content-security-policy: script-src 'none'
expires: Tue, 06 Apr 2027 11:10:07 GMT
x-request-id: 2b5070809bf55ee4e0adad059776460c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8aed55b3d8633c226bec21b802c0fc96-dca7d598619dec85-01
x-id: osix-hw-edge-gc4
cache: MISS, HIT
x-cached-since: 2024-04-06T11:10:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/6bcb3d9.js

83.147.204.194

200 OK

224 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/6bcb3d9.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (21356), with no line terminators
Size
224 kB (224465 bytes)
Hash
ed38babdda9deb55d6e09f4bc3995fb5
1c259347f8a5c9bbc8c001b5cfa7bb8ee4ec641a
b657e9af403eb28a5adbbdc9049685e00cc6cc6a08c69f3fd02d63494ea19a70

HTTP Headers

GET /statistic-app/sys-static/desktop/default/6bcb3d9.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"ed38babdda9deb55d6e09f4bc3995fb5"
x-amz-meta-mtime: 1714822493.64920937
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/10475.webp

185.244.209.62

812 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/10475.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
812 B (812 bytes)
Hash
6aa564dcd488757c46c2a4e6533673af
86b1761d1a0a3f1dfe9c0ced5daa63ccce94c3dd
a80facdd8a5c1f6eb8578bc45cf74184e38ee4f2e978d0007bdbe056b140117e

HTTP Headers

GET /resized/size16/sfiles/logo_teams/10475.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 812
cache-control: max-age=94608000
content-disposition: inline; filename="10475.webp"
content-security-policy: script-src 'none'
expires: Tue, 23 Mar 2027 06:05:43 GMT
x-request-id: d4ebfc15a3e6661b3ed27c0d66c1b88c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-99d79623985d2abce2872626e226d284-3cbf7b2065ef538e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-23T06:05:43+00:00, 2024-03-26T14:49:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css

185.244.209.62

200 OK

111 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
111 kB (110750 bytes)
Hash
7dacca8affb14936d5eff5d1ab891592
1813d2726bb488f9556304439fec64f0e46070bb
9417700e413bb648d3e5358737ceee44691c344d7c6c99785c87b951f9a6bffc

HTTP Headers

GET /genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 12:38:10 GMT
etag: W/"f60de5c9eabf4e3e2f1149075d3a68d7"
content-encoding: gzip
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cd9098e3d25bd2ba0e06aedea51c3ec1-1b22966969e377f2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:39:42+00:00, 2024-05-08T06:41:18+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/10521.webp

185.244.209.62

200 OK

804 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/10521.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
804 B (804 bytes)
Hash
e990c917d908cfe6064a9b33e5188950
adc9011a801bb4e3fa1e8c4c1ea2cbc0d15ead2e
22b48e03b092ff00da8ac34223c7e1dcadaae6c4187df8fcc9a7236a595e1162

HTTP Headers

GET /resized/size16/sfiles/logo_teams/10521.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 804
cache-control: max-age=94608000
content-disposition: inline; filename="10521.webp"
content-security-policy: script-src 'none'
expires: Mon, 12 Apr 2027 09:17:16 GMT
x-request-id: 09e533cb16d64b42385a1a4324a69a53
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ef2e90bc47ba2e4c8bd4205830b4ce05-6570b1934a98d203-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T09:17:16+00:00, 2024-04-12T16:25:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/c5e1ef97cf5319d0dd10dddb05deaca2.webp

185.244.209.62

200 OK

782 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/c5e1ef97cf5319d0dd10dddb05deaca2.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
782 B (782 bytes)
Hash
43d259daef0f787dd07a336cb4d3c6ba
c44e55d81474e1583306f651ae828bec5a34317f
7705abd288afddda53e23a40226a5559a7e133c7ffa2dbc762c7b6c054cf7f7b

HTTP Headers

GET /resized/size16/sfiles/logo_teams/c5e1ef97cf5319d0dd10dddb05deaca2.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 782
cache-control: max-age=94608000
content-disposition: inline; filename="c5e1ef97cf5319d0dd10dddb05deaca2.webp"
content-security-policy: script-src 'none'
expires: Tue, 23 Feb 2027 18:12:17 GMT
x-request-id: 7b81e4db923d31614a3612f89cdceda8
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.055
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fe47d0a4c311ad290d6bbeeedcb1381a-0bbfd3b3b16e429d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-24T18:12:17+00:00, 2024-03-13T21:55:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715151581

178.253.29.51

34 kB

URL
1xlite-461430.top/web-api/default/img/icons/pixels2.svg?v=1715151581
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGB, non-interlaced
Size
34 kB (34284 bytes)
Hash
a338badbb3d379689e166eb115c96ca5
4e76ca5e2554525711c4b0c949f985fabafb2dcc
758a9abaa12f63300dfb7272900972f22003ce160eddc0d3bcc3ffa10aca2fe2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/default/img/icons/pixels2.svg?v=1715151581 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: image/png
cache-control: no-cache, private
server-timing: p;dur=14, dt_total;dur=15.126, wf-uht;dur=0.042
traceparent: 00-2b36c30444482a3044e91e2f7c474b71-ab2ce9a1e5a7135f-01
x-dt: 285
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js

172.64.148.184

114 kB

URL
widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js
IP
172.64.148.184:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
gzip compressed data, from Unix
Size
114 kB (114051 bytes)
Hash
2ded1784c5e367d259178ceb534724fd
7ac928296b14caee524146f6631ddad6756ea009
c832dac60544ae82570b5cee747d74296295772f1fe68a5a14e18da3c7068638

HTTP Headers

GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 653506
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d645693-OSL
X-Firefox-Spdy: h2

eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280

83.147.204.194

180 kB

URL
eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
gzip compressed data, from Unix
Size
180 kB (179796 bytes)
Hash
046ccad7c2e15d8f299db531faf41dee
6efefe51d989adaf90c1a30af78f52410b092f0e
a3bd98d8e6c7dfd633b75e22a77d12110f03e3fd8decef0fbb987d1252e9e8f8

HTTP Headers

GET /en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280 HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/html; charset=utf-8
x-request-guid: d390a45773353a62a1c55c6f88196134
x-frame-options: ALLOWALL
etag: "15c9b1-9+8RgNoJDjzId1bWBN8UrHGIh/Q"
accept-ranges: none
vary: Accept-Encoding
content-encoding: gzip
x-time-ng: 1.391
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=1.413
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/country.svg

185.244.209.62

142 kB

URL
v3.traincdn.com/sys-icons/1.0.328/285/country.svg
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
142 kB (141594 bytes)
Hash
a84f71e031728db4b249192ccb59d311
6bb2a6ac65429a7ac25b8d2287618f265b4c797b
73243e578677919e886e05132dfa9941e101d0e81bef236f6582f3d520187f84

HTTP Headers

GET /sys-icons/1.0.328/285/country.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"60caf0d666af828706b3d83c428a31e4"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:03 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bcefa98e8fe7c24c51d200fad1bf265e-02ee61d2b920278c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:03+00:00, 2024-05-07T12:42:30+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eventsstat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 May 2024 01:55:00 GMT
expires: Fri, 02 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
age: 536685
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://eventsstat.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 336668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/img/events.33d5056.svg

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/img/events.33d5056.svg
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (11141 bytes)
Hash
a1656dc2b3825aa1be9360a9ba4d48ce
1d5ddc152bc77feccce04b671d9ccf91abae2783
147962037a62976141ba17a129dd363a7c17747faad7469791968634af1f8358

HTTP Headers

GET /statistic-app/sys-static/desktop/default/img/events.33d5056.svg HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"a1656dc2b3825aa1be9360a9ba4d48ce"
x-amz-meta-mtime: 1714822493.609210065
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/session

178.253.29.51

0 B

URL
1xlite-461430.top/web-api/session
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/session HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Wed, 08 May 2024 06:59:46 GMT
cache-control: no-cache, private
server-timing: p;dur=13, dt_total;dur=29.125, wf-uht;dur=0.037
traceparent: 00-4c0ebce1225e712823fea536cacb8e1c-4b18681c12838d21-01
x-dt: 285
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js

185.244.209.62

200 OK

66 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
66 kB (66479 bytes)
Hash
191ff223860f458112e0be2a63bd9857
850dd681d5b31321f00b8df955a455aa9478e44e
40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016

HTTP Headers

GET /_nuxt/desktop/default/vendors/conversion-f0624fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:46 GMT
content-type: application/javascript; charset=utf-8
content-length: 66479
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-103af"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8982a81435bd65a1d3c61a3d10dace97-d7d83dc80b6a7c1e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:50+00:00, 2024-05-07T14:48:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/hd-api/external/api/web/v1/converslon/load

178.253.29.51

200 OK

112 kB

URL GET HTTP/2
1xlite-461430.top/hd-api/external/api/web/v1/converslon/load
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
gzip compressed data
Size
112 kB (111841 bytes)
Hash
ff98e896840fc54a339c7b9ac2590ed5
01c27b3f3b44046fdf10c1f7e78f7db32dd6aaa6
6f0c8ed5697e9d30a31fea39cec36c6a08ad49f6b8a88c3c6db1f6491513eb31

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /hd-api/external/api/web/v1/converslon/load HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:46 GMT
content-type: application/json
content-encoding: gzip
traceparent: 00-b810539b0d9931440fa18c8f7a7ff4ba-2b229addccecd069-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 53dc9fad3d909185fc9be78c72365ce4
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=3.942, wf-uht;dur=0.012
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/5280.png

83.147.204.194

200 OK

19 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/5280.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
19 kB (19345 bytes)
Hash
8735b25175e7e02cb1116dfc59523f67
a1c18bf8e0ffd544ea1cc8390ef7d88a14b7283b
897fcb6227004705e920f958e28120f12168d2af14ef135779860dbed8c44dbb

HTTP Headers

GET /sfiles/logo_teams/5280.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: image/png
content-length: 19345
last-modified: Tue, 31 Jan 2023 13:33:38 GMT
etag: "8735b25175e7e02cb1116dfc59523f67"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.054
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.PNG

83.147.204.194

200 OK

13 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.PNG
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (13024 bytes)
Hash
2c00163238eb3b254debbc851815b59a
9e1ec64639ebbe34e327fc82570216662b431b42
f2d0eaba648f80db61d03d6a924d57b27666d0dd41f23848c1f6d572711ef1e8

HTTP Headers

GET /sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.PNG HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: image/png
content-length: 13024
last-modified: Wed, 01 Feb 2023 12:14:02 GMT
etag: "2c00163238eb3b254debbc851815b59a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.047
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63748, version 1.0
Size
64 kB (63748 bytes)
Hash
6887b6f24414dbc612dbf42ccdc76b70
8068d3abfbc6cbf35b55919da45b1f4d2d136238
fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9854adb4509021559d332ff067b8c89f-ccac28e33beb7e95-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-08T06:23:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2

185.244.209.62

200 OK

65 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 64732, version 1.0
Size
65 kB (64732 bytes)
Hash
3ac5d40d1b3966fc5eb09ecca74d9cbf
a69f32357765dd321519889aeacba5e9ca893bb0
3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a56f0412a9ba6b645d1dc186fe5ccba3-3632fef43bc3c6b7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-08T06:55:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2

185.244.209.62

200 OK

64 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 63920, version 1.0
Size
64 kB (63920 bytes)
Hash
a65527fcb58f66a7cfbc0e6b160538b4
45d260e7fa343401b5bb0df982a014f53e2d253b
fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45

HTTP Headers

GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-75ea210572cd457b16c6aec7607bf582-523242d6cedcd30b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-08T06:45:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

67 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
67 B (67 bytes)
Hash
356a755160619fcbe850aae01879e375
29192606f35c2b9f929939371b89044e2fd787e7
6b3c8c41f9f19e4f639b40ea002af843f5219ed9abe7d4398c7edb4648f89a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: application/json; charset=utf-8
content-length: 67
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:48 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/11e4cfbf9b1edee93322d20efb067157.PNG

83.147.204.194

14 kB

URL
eventsstat.com/sfiles/logo_teams/11e4cfbf9b1edee93322d20efb067157.PNG
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
14 kB (14140 bytes)
Hash
11e4cfbf9b1edee93322d20efb067157
15246a315e3098c273f5fc2715c5e5864f23c9e4
b44c0b88094fa32de9d2ceb02b99afc77efa9ad72fddfd1ec0dcf44101e84d40

HTTP Headers

GET /sfiles/logo_teams/11e4cfbf9b1edee93322d20efb067157.PNG HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14140
last-modified: Wed, 01 Feb 2023 07:51:21 GMT
etag: "11e4cfbf9b1edee93322d20efb067157"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.063
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/4420253.js

83.147.204.194

131 kB

URL
eventsstat.com/statistic-app/sys-static/desktop/default/4420253.js
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65524), with no line terminators
Size
131 kB (131393 bytes)
Hash
1bf7ff539d74ada4fab8ed35c46d9434
9525c0b2ee51fdf0268723e54869beb05700d1e8
3ccf0b68915262bc209230d7b9652306b154fbb7c26245339ba10c99ae10deef

HTTP Headers

GET /statistic-app/sys-static/desktop/default/4420253.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"1bf7ff539d74ada4fab8ed35c46d9434"
x-amz-meta-mtime: 1714822493.637209578
content-encoding: br
expires: Thu, 09 May 2024 06:59:47 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.png

83.147.204.194

200 OK

19 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
19 kB (18677 bytes)
Hash
8f7e84c6def18163ad04a9f6834a41d5
877baecf60e7d3f68d5d99bf51e1a3e653ff906d
d561175817f78e6e8474aa2ad952524a0fc9f407dcad249dfeb7c0321fcab439

HTTP Headers

GET /sfiles/logo_teams/1705962ffbc1e568500d02753d414082.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 18677
last-modified: Tue, 31 Jan 2023 13:28:56 GMT
etag: "8f7e84c6def18163ad04a9f6834a41d5"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.061
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json

178.253.29.51

1.2 kB

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
1.2 kB (1247 bytes)
Hash
5696ef1b371a34f9ef6d91bde17f66e7
888943f8c4faf3a9f29cf2fd2933cefa6c01b24f
ada4a21a08ddf6bb03d39fcf39bb6c5d988f6697479abffc92096a157064b2af

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/4248ac2021dc04c1d42b10d68aca3b11.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 04 Apr 2024 11:33:40 GMT
etag: W/"5696ef1b371a34f9ef6d91bde17f66e7"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/11551.png

83.147.204.194

7.3 kB

URL
eventsstat.com/sfiles/logo_teams/11551.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
7.3 kB (7252 bytes)
Hash
9053575eeeec35a60c4077056a0a0906
3914bc4ce844170725b6289afbfbcc3738cc93c3
95627c70d59370dd3a00923a1aa0298047f2fe45d10805527a1c04a349aa6b82

HTTP Headers

GET /sfiles/logo_teams/11551.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 7252
last-modified: Fri, 27 Jan 2023 08:54:03 GMT
etag: "9053575eeeec35a60c4077056a0a0906"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.053
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_en.json

185.244.209.62

19 kB

URL
v3.traincdn.com/genfiles/cms/betstemplates/bets_model_map_short_en.json
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
19 kB (19326 bytes)
Hash
917ae5a2348365bb9e37a0bd03438325
5d6f0d7ea507c374608797a27d380ac6f17efd57
20f10a094ff84b4ce3ab6df57df6cdbd6bfa58415d72c4b6c625fcaa6444b829

HTTP Headers

GET /genfiles/cms/betstemplates/bets_model_map_short_en.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:44 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:56 GMT
etag: W/"a799a969a6e2b30c7a407d320499643b"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b109f81d3d521d500bbcad3c2b888c1a-2c12f13b7b1a9366-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:20:51+00:00, 2024-05-08T06:25:31+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/003c269202db4b09b9a32f474416bf5d.png

83.147.204.194

200 OK

40 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/003c269202db4b09b9a32f474416bf5d.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 16-bit/color RGBA, non-interlaced
Size
40 kB (40332 bytes)
Hash
86eb569c7a39f01762fa165ea988e935
353b02a10b849dfa5928ed8db40eda35f2c8029b
1faabe9a9bcad64ab14b9ed02b8eade0dcd721a8b9d80a61f6addfc5e207bb25

HTTP Headers

GET /sfiles/logo_teams/003c269202db4b09b9a32f474416bf5d.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 40332
last-modified: Wed, 01 Feb 2023 12:02:55 GMT
etag: "86eb569c7a39f01762fa165ea988e935"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.064
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/7ed6658d82bc55a3a893dcc16ebb0452.png

83.147.204.194

200 OK

24 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/7ed6658d82bc55a3a893dcc16ebb0452.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
24 kB (24496 bytes)
Hash
14441b635f368b539f8bca98860def84
b2a6c1494f0e7f590538df88bd7f01718a71d45e
3971e2ae9072512b6c8489cca7af30c34a2d093b299ea6fedb83b7c772bde79f

HTTP Headers

GET /sfiles/logo_teams/7ed6658d82bc55a3a893dcc16ebb0452.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 24496
last-modified: Wed, 01 Feb 2023 08:31:18 GMT
etag: "14441b635f368b539f8bca98860def84"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.054
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/5846.png

83.147.204.194

15 kB

URL
eventsstat.com/sfiles/logo_teams/5846.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
15 kB (14652 bytes)
Hash
882091396eabcce7866ee362e677c6b4
2495d109dc84f0f8d2a392ebf9de71c3c7b80af1
977fbb5e91eb2ac9613170fb2621020af0dc3c30900a58d5bbf01c8507975c22

HTTP Headers

GET /sfiles/logo_teams/5846.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14652
last-modified: Tue, 31 Jan 2023 13:32:11 GMT
etag: "882091396eabcce7866ee362e677c6b4"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.048
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/161fae3c3d32b8b13925eee3fb2094ed.png

83.147.204.194

200 OK

23 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/161fae3c3d32b8b13925eee3fb2094ed.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
23 kB (23095 bytes)
Hash
f1207ec301e76aaf05dde8ee76378a4c
0f6b08c83ec7951aab06747ce6cea6ea826b266b
66bc2032b02955bbe9cd1381b4029491d9c966d007759470ca4221c4f0ba895b

HTTP Headers

GET /sfiles/logo_teams/161fae3c3d32b8b13925eee3fb2094ed.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 23095
last-modified: Wed, 01 Feb 2023 12:03:18 GMT
etag: "f1207ec301e76aaf05dde8ee76378a4c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.081
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css

185.244.209.62

75 kB

URL
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
gzip compressed data, max speed, from Unix
Size
75 kB (74759 bytes)
Hash
152ac5af24133770563a51e70bf0bed3
985ed525d747ad37524595467ccefe64db9422c1
32eb3ce3b4202da005fded1c9fcb2c512a21cff27fc701e28597e7e0f75f28ca

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7f79b3bfb64b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"304cc943df23445a393ae3d5b02dc1c7"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:45 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-083a1ea7980a4c7dd08ae81a598c9322-5abe10b64a73b069-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:45+00:00, 2024-05-07T17:01:25+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/ee5b33ea4d2cb16f6a6007db37e033ef.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/ee5b33ea4d2cb16f6a6007db37e033ef.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
12 kB (12082 bytes)
Hash
13f7e24666724d32ceb4d5e1ef2a6dd7
2120aefc3a60397780b7cbc65eea5d0ec8e5ee18
227bf8a08ab7ce06a829d5fc83c806945bec90ce08bdc9b09e159b6764cfff06

HTTP Headers

GET /sfiles/logo_teams/ee5b33ea4d2cb16f6a6007db37e033ef.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 12082
last-modified: Tue, 11 Apr 2023 20:28:26 GMT
etag: "13f7e24666724d32ceb4d5e1ef2a6dd7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.051
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/72a362ffcafd11a34f109af02bb3b54b.png

83.147.204.194

200 OK

24 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/72a362ffcafd11a34f109af02bb3b54b.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
24 kB (24009 bytes)
Hash
e6853987d05d078f41137ae36b90c3fc
a5a4913735f2ae567945e276fdca7acdfc1dc524
a2a412b702f82b0da2a15786be9e057d5f0ae25188af726165775efa58a4deb1

HTTP Headers

GET /sfiles/logo_teams/72a362ffcafd11a34f109af02bb3b54b.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 24009
last-modified: Mon, 13 Feb 2023 01:16:36 GMT
etag: "e6853987d05d078f41137ae36b90c3fc"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.058
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/ab6868985bd4795e8e2500a0b05a3cac.png

83.147.204.194

200 OK

26 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/ab6868985bd4795e8e2500a0b05a3cac.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
26 kB (26516 bytes)
Hash
e84fb43f3618abbd097302959878370b
747849caa5d66603e4dafa5d03f7a52c5770e231
babb89013ff3b6123369964c86d08c37103438f3982a4090db7b9b80d7016dff

HTTP Headers

GET /sfiles/logo_teams/ab6868985bd4795e8e2500a0b05a3cac.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 26516
last-modified: Mon, 13 Feb 2023 01:15:41 GMT
etag: "e84fb43f3618abbd097302959878370b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.062
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/ec8be4d0e83f49c3bd225b66895bb3bd.png

83.147.204.194

25 kB

URL
eventsstat.com/sfiles/logo_teams/ec8be4d0e83f49c3bd225b66895bb3bd.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
25 kB (25361 bytes)
Hash
9bcfb40411469e928aaf15d661e86780
cda63238abeda67275391909d8d879b5f774832a
6eebb91190794a1fc29d7a672a16edb58f4e7fc6e67a5eebf3a229b680a21f84

HTTP Headers

GET /sfiles/logo_teams/ec8be4d0e83f49c3bd225b66895bb3bd.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 25361
last-modified: Mon, 13 Feb 2023 01:30:22 GMT
etag: "9bcfb40411469e928aaf15d661e86780"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.062
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/7477a11bdd6e8dba4ded3ca4937269cf.png

83.147.204.194

11 kB

URL
eventsstat.com/sfiles/logo_teams/7477a11bdd6e8dba4ded3ca4937269cf.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (11296 bytes)
Hash
ed2be28ce7fe97b213a375021e90ab67
8d17c33c58d621d1b7a9133e7e026a6e33f5c9a5
a785149e00ac9df06fe3d6f8033df0edacb2f5afe6547ab5025a005cd93a5de1

HTTP Headers

GET /sfiles/logo_teams/7477a11bdd6e8dba4ded3ca4937269cf.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 11296
last-modified: Wed, 10 Apr 2024 18:51:19 GMT
etag: "ed2be28ce7fe97b213a375021e90ab67"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.056
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json

178.253.29.51

200 OK

15 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
15 kB (15226 bytes)
Hash
5f6393bd6febc268d33cb235c7eec194
819eb4409582bcea038e527fd5859dde2d13e0e7
9ae42c0a8d88add1a2d54faab5d819c619cb2a2a1eec7595fe1029a91449efb0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/a01e05cae2f5087d31e3dd580b8c1ce3.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 14 Nov 2023 06:21:55 GMT
etag: W/"5f6393bd6febc268d33cb235c7eec194"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/50ebd4bca6eb810bb04870f947cec1dc.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/50ebd4bca6eb810bb04870f947cec1dc.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12027 bytes)
Hash
f1aef297fabc8bb03191424fca98480e
41feb45712e2bc543b34bb6c00acd1a844a53217
f037bbbc167d41540fe0d1aee0fbf7a527a156e19d1a8044359f9e716da74bdb

HTTP Headers

GET /sfiles/logo_teams/50ebd4bca6eb810bb04870f947cec1dc.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 12027
last-modified: Tue, 25 Jul 2023 10:40:17 GMT
etag: "f1aef297fabc8bb03191424fca98480e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.056
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/26dea773329ae353f29d4c158ada9156.png

83.147.204.194

200 OK

24 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/26dea773329ae353f29d4c158ada9156.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
24 kB (23952 bytes)
Hash
e5baf6ac2cb98fc3d338bc5be8ae3e03
ccdd620917be7cd8df9c5ca82e2cc7dbd90b531b
d5db93511c4de509645828ac5b5d3f873c757253c90c11c05b4ef7274037fadf

HTTP Headers

GET /sfiles/logo_teams/26dea773329ae353f29d4c158ada9156.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 23952
last-modified: Wed, 15 Feb 2023 22:32:23 GMT
etag: "e5baf6ac2cb98fc3d338bc5be8ae3e03"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.063
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/c7c3d7587c9ff9968eeb12db15e30182.png

83.147.204.194

200 OK

14 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/c7c3d7587c9ff9968eeb12db15e30182.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
14 kB (14081 bytes)
Hash
c6974366437ba878e03ef64fb07616c6
6e59ee8044ea747586b01be575f54375df3842ad
22bf7a16c7cc7ae8120722aca0693e76a5c62b1a94691f2c2e0484f30767bbfc

HTTP Headers

GET /sfiles/logo_teams/c7c3d7587c9ff9968eeb12db15e30182.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14081
last-modified: Tue, 25 Jul 2023 10:49:10 GMT
etag: "c6974366437ba878e03ef64fb07616c6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.056
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/registration

178.253.29.51

200 OK

31 kB

URL POST HTTP/2
1xlite-461430.top/web-api/registration
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
31 kB (31156 bytes)
Hash
ceea7fd7e6148fd9dc744fc633e1d416
494d9ec66e794c953a589aee249e25f6d24bfaa0
3e421090d52ac8e0ec38a9f4295b85469b8dc3edbadc39f16aa0bc26c158c285

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /web-api/registration HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=33, dt_total;dur=34.082, wf-uht;dur=0.047
traceparent: 00-87b732207324f9f1c014a4b29e6cbb7d-4d73ca9ac2543246-01
x-dt: 285
x-time-ng: 0.034
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json

178.253.29.51

16 kB

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
16 kB (16152 bytes)
Hash
dad3a9b077bc630619a2f0a6422b65ae
21ed76245ef3e318fe37ac6d145ffebeac627956
8db3ba27ae59a7f93f8dbe2f9a499b4e028717aa6c139eef0b78e1ec09eca758

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7ba58ff9bb84da78ec345b09d297b429.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 28 Nov 2023 09:26:45 GMT
etag: W/"dad3a9b077bc630619a2f0a6422b65ae"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/f1affa444eaf5490d39a6e4345fca799.png

83.147.204.194

200 OK

19 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/f1affa444eaf5490d39a6e4345fca799.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
19 kB (18705 bytes)
Hash
09e8d1a77ad6536706efb371c46e5199
1c3c4bde479d9bf09ace7f41e72f9f3c03ab81c9
9298ef37eddfae84e7d6dd92e8aeac4b39f312c1d25659d88e784ce1888a5974

HTTP Headers

GET /sfiles/logo_teams/f1affa444eaf5490d39a6e4345fca799.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 18705
last-modified: Wed, 01 Feb 2023 08:19:03 GMT
etag: "09e8d1a77ad6536706efb371c46e5199"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.048
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/0c4604ac05c7ca35e24afdee6e339823.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/0c4604ac05c7ca35e24afdee6e339823.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
12 kB (11619 bytes)
Hash
440c5c3adf4ef52bc56466aab2efca7e
4c74b4d1ba2d31b70a26576ad6ecb73c976f721c
3ddea6891a23fdb3b10826e137414d8be2fd0e454acd12b4ad4b525317f2b4dd

HTTP Headers

GET /sfiles/logo_teams/0c4604ac05c7ca35e24afdee6e339823.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 11619
last-modified: Tue, 25 Jul 2023 10:53:14 GMT
etag: "440c5c3adf4ef52bc56466aab2efca7e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.054
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/eeb1c0e.js

83.147.204.194

200 OK

33 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/eeb1c0e.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (39674), with NEL line terminators
Size
33 kB (32988 bytes)
Hash
c311f71ea06e3dbe4efd07890c0f464d
1faca436f54713f5430a624976bdd7f78dd92156
51bf82effb46dc07efab2c1c7a21e673e1bd9e6f2a0cfd6c9dc275a8fba1f840

HTTP Headers

GET /statistic-app/sys-static/desktop/default/eeb1c0e.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:47 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"c311f71ea06e3dbe4efd07890c0f464d"
x-amz-meta-mtime: 1714822493.633209647
content-encoding: br
expires: Thu, 09 May 2024 06:59:47 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/6a8c28e0f371855fc730025bf1488adc.png

83.147.204.194

17 kB

URL
eventsstat.com/sfiles/logo_teams/6a8c28e0f371855fc730025bf1488adc.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
17 kB (16855 bytes)
Hash
b94ed6e1451bc6a4888672ce96c8b593
728938ab049e16971918e6416ac3006b32b4f514
f16c4ba30841831ef1e9859d81620c5d81cc0bfe3ab817afd7d40017ec995ce5

HTTP Headers

GET /sfiles/logo_teams/6a8c28e0f371855fc730025bf1488adc.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 16855
last-modified: Wed, 01 Feb 2023 10:07:29 GMT
etag: "b94ed6e1451bc6a4888672ce96c8b593"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/cff0325287cb16fea99b07b82a4dc0c9.png

83.147.204.194

13 kB

URL
eventsstat.com/sfiles/logo_teams/cff0325287cb16fea99b07b82a4dc0c9.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (12817 bytes)
Hash
51bdf907934e5ab150d3e42f06d706f0
af3b8ed1090e4a2b6efd81f14f8c7c09f17f0201
fd3b02065ad2f00abb8abe5ab9cf968bd58f84ed77d8fac1a617527dd7d04bc6

HTTP Headers

GET /sfiles/logo_teams/cff0325287cb16fea99b07b82a4dc0c9.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 12817
last-modified: Mon, 02 Oct 2023 20:17:40 GMT
etag: "51bdf907934e5ab150d3e42f06d706f0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.053
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ce4ed46fa1666467b5ae988bd773003.json

178.253.29.51

200 OK

26 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/9ce4ed46fa1666467b5ae988bd773003.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
26 kB (25694 bytes)
Hash
100e4597e83688846712039d84a522a4
faa02160e21630294f1b8280a041e3ccca42264a
48266377c5004b463f65b5a8ec5d26de0d9692f1a4add35dcbadf64845ef40c2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/9ce4ed46fa1666467b5ae988bd773003.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 03 Aug 2023 10:07:03 GMT
etag: W/"100e4597e83688846712039d84a522a4"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/aa1b39c455d676a64cc76984544d4525.png

83.147.204.194

200 OK

22 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/aa1b39c455d676a64cc76984544d4525.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
22 kB (21708 bytes)
Hash
2c9ea9753ffa1e9ca94883d09f3325d1
1299168fb8ac53dd5636b44e23c9a29f13b9cc29
44d546991a1b7009bc61bdf23dbba5bf4de67805dbd329bbeea34b71066aab82

HTTP Headers

GET /sfiles/logo_teams/aa1b39c455d676a64cc76984544d4525.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 21708
last-modified: Thu, 26 Jan 2023 08:10:41 GMT
etag: "2c9ea9753ffa1e9ca94883d09f3325d1"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.058
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c3ed3a93cb7a9e52497977fd82e0cb04.json

178.253.29.51

24 kB

URL
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/c3ed3a93cb7a9e52497977fd82e0cb04.json
IP
178.253.29.51:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
24 kB (24382 bytes)
Hash
6f30fa5b241b7112117d936a0539f638
002cd5a62e56fb4a11c46cae2c7cf1353fc78783
beae4d3574566d9e0bc9f75d8934884db04a4b70501cffd98ccc0e406c140c8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/c3ed3a93cb7a9e52497977fd82e0cb04.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 03 Aug 2023 15:55:33 GMT
etag: W/"6f30fa5b241b7112117d936a0539f638"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/7fd8a26.js

83.147.204.194

200 OK

18 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/7fd8a26.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6782), with no line terminators
Size
18 kB (17697 bytes)
Hash
430d0f7dc58da13003b651d28b6dbe3e
3c6833fa191ec0b613e613f27346d32d4e131955
290a16f1862926218ba11b10a955ccb0ed136ac843709f78a7cb56103f33e035

HTTP Headers

GET /statistic-app/sys-static/desktop/default/7fd8a26.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"430d0f7dc58da13003b651d28b6dbe3e"
x-amz-meta-mtime: 1714822493.681208813
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/02529ebe6b4f699c94a94b18bf718b6a.png

83.147.204.194

200 OK

16 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/02529ebe6b4f699c94a94b18bf718b6a.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
16 kB (15756 bytes)
Hash
8a83650c869177abcf2ecaf3d19fbe24
95f06a3e3e90158ebd505d6ef984b4df60f6055b
a638a1134f6aa86383dd60703c228d38c91246688f1aa6dc1ed756087caee2a3

HTTP Headers

GET /sfiles/logo_teams/02529ebe6b4f699c94a94b18bf718b6a.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 15756
last-modified: Wed, 01 Feb 2023 10:37:39 GMT
etag: "8a83650c869177abcf2ecaf3d19fbe24"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.071
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/51cc7d50397d210027945fe35e27940d.png

83.147.204.194

200 OK

14 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/51cc7d50397d210027945fe35e27940d.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
14 kB (14543 bytes)
Hash
97eacfc10e80d0b3556c1b29614bfff9
831e20fbbd1e61168523ec634a4ba2e8e18f9a40
2a9f44b2d24218f29d87e215043645e706ecd1fbe2c90aaa7cf53282ce171b6a

HTTP Headers

GET /sfiles/logo_teams/51cc7d50397d210027945fe35e27940d.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14543
last-modified: Sat, 28 Jan 2023 14:55:19 GMT
etag: "97eacfc10e80d0b3556c1b29614bfff9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.056
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/img/short-arrows.42c2d66.svg

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/img/short-arrows.42c2d66.svg
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
SVG Scalable Vector Graphics image
Size
11 kB (11058 bytes)
Hash
c151af912955851cca6e52f5b3aafd60
079717bff3d834e20d09c6a9e9e116677a8515aa
3303d84c702d253bea73929ccb9a204cc92ef9cb9d60077bf1acf06d612e278d

HTTP Headers

GET /statistic-app/sys-static/desktop/default/img/short-arrows.42c2d66.svg HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"c151af912955851cca6e52f5b3aafd60"
x-amz-meta-mtime: 1714822493.609210065
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/cf595d91800a9e704eae8f8144ec3698.json

178.253.29.51

200 OK

28 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/cf595d91800a9e704eae8f8144ec3698.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
28 kB (28087 bytes)
Hash
0bb12b4ad161abb85aa8fd50a78c1a59
d1f78a510d8e38639838b89e1bbdf08a5eb9ba3f
18f4f2d4b5c865422f5ea2c0c51aed72f46fe1c5b62b44ada0db3e2ce1e4dfb9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/cf595d91800a9e704eae8f8144ec3698.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 08 Nov 2023 10:38:43 GMT
etag: W/"0bb12b4ad161abb85aa8fd50a78c1a59"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/19ffbeb4e8a934e4c5fa9e7b0684ae8d.png

83.147.204.194

200 OK

22 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/19ffbeb4e8a934e4c5fa9e7b0684ae8d.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
22 kB (21805 bytes)
Hash
a0a0e7658534b1637c3f74ae9a08019e
42a2e01a2f448fae4c3f6cdade78fd4902003861
0d220aa9d8ee975127def9010718d3d622f3ff7c24d60ec1e4b5de38b8bd8aa9

HTTP Headers

GET /sfiles/logo_teams/19ffbeb4e8a934e4c5fa9e7b0684ae8d.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 21805
last-modified: Tue, 31 Jan 2023 13:54:20 GMT
etag: "a0a0e7658534b1637c3f74ae9a08019e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.066
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo-champ/269f8c251f20aafcd4a168cad95f336d.png

83.147.204.194

200 OK

22 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo-champ/269f8c251f20aafcd4a168cad95f336d.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Size
22 kB (22341 bytes)
Hash
0cbd5e90aac7d3a6676a453a37816d0a
fe5298c91b29f0956d677daeab79e1a5bf5a3546
607056ea186c6c4a673c140829bee1ae37dfda052ff4afde0872385016243950

HTTP Headers

GET /sfiles/logo-champ/269f8c251f20aafcd4a168cad95f336d.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 22341
last-modified: Wed, 04 Jan 2023 07:56:56 GMT
etag: "0cbd5e90aac7d3a6676a453a37816d0a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/d4f1630611c50099e1c0e8f3cfa483a6.png

83.147.204.194

17 kB

URL
eventsstat.com/sfiles/logo_teams/d4f1630611c50099e1c0e8f3cfa483a6.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
17 kB (16921 bytes)
Hash
33eb8cc8d737acc60a456f60f656ba11
3b7062163d1d2413f005c6b6f9980f4a9eda2e47
cad06d06dd24e005c353253489e9bc66212df23e5e097125e3a05f41bc39f8cf

HTTP Headers

GET /sfiles/logo_teams/d4f1630611c50099e1c0e8f3cfa483a6.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 16921
last-modified: Fri, 27 Jan 2023 14:29:10 GMT
etag: "33eb8cc8d737acc60a456f60f656ba11"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.062
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/25528cc.css

83.147.204.194

14 kB

URL
eventsstat.com/statistic-app/sys-static/desktop/default/css/25528cc.css
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (11377), with no line terminators
Size
14 kB (13814 bytes)
Hash
fdb3b7845d3b3def892c967587ae80e2
094994c4995d73a784c8be2858d83052e5fbb504
37b183323241ffd8ebb03ff4ba62a22840075bc37c2a438b1f2d6718de2b18e7

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/25528cc.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"fdb3b7845d3b3def892c967587ae80e2"
x-amz-meta-mtime: 1714822493.657209231
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/b342127.js

83.147.204.194

200 OK

25 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/b342127.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (13311), with no line terminators
Size
25 kB (24852 bytes)
Hash
b440d5acb042f355d280d1e8b5fb7ab1
8ef08da2d026d9d2e3e03d503b095e4457b0a4de
e5ed657f93147514e1292b33b609bfe9b60530d6957cee067330389672d7fbc4

HTTP Headers

GET /statistic-app/sys-static/desktop/default/b342127.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"b440d5acb042f355d280d1e8b5fb7ab1"
x-amz-meta-mtime: 1714822493.657209231
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/2b7d9a9f081b747caced4aaad6f6890e.png

83.147.204.194

8.7 kB

URL
eventsstat.com/sfiles/logo_teams/2b7d9a9f081b747caced4aaad6f6890e.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
8.7 kB (8714 bytes)
Hash
2b7d9a9f081b747caced4aaad6f6890e
c02c03c62929b705ba7ebeacfaec45424a821148
df634896bcaec5923aab4609860bdedca24cc899495166a3f7e27c1113a9b868

HTTP Headers

GET /sfiles/logo_teams/2b7d9a9f081b747caced4aaad6f6890e.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 8714
last-modified: Thu, 26 Jan 2023 10:12:39 GMT
etag: "2b7d9a9f081b747caced4aaad6f6890e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.064
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/f7386b50d4f01f886e23a4c0a75e88a9.json

178.253.29.51

200 OK

24 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/f7386b50d4f01f886e23a4c0a75e88a9.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
24 kB (23672 bytes)
Hash
e87004b39ac1a35dd1362b43e41d9b94
796f4636ad46c7dffbb268dbc110a5851bc65ac6
fefa713c630ac16a56425ec6b0c37a9f8960981eb676c75bae8acfc131a8d79f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/f7386b50d4f01f886e23a4c0a75e88a9.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 26 Sep 2023 09:40:12 GMT
etag: W/"e87004b39ac1a35dd1362b43e41d9b94"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (11548 bytes)
Hash
00b6a563982ad5bc891353447ce8d41f
91e113e1fc407427d4f2b625f97c6a8b8a6d95cb
a396043df4d67e7dd880d20000a4520de9684473ff561c536e3af557bee5a540

HTTP Headers

GET /sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 11548
last-modified: Tue, 25 Jul 2023 10:48:26 GMT
etag: "00b6a563982ad5bc891353447ce8d41f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.047
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js

185.244.209.62

200 OK

2.4 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (6444), with no line terminators
Size
2.4 kB (2434 bytes)
Hash
60f915b0daad3af04303726381897e81
133c20a7f58c18758483c23f595d5a4f22ba9371
320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1

HTTP Headers

GET /_nuxt/desktop/default/analytics-a8ae3276.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-982"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-966f450463cb7750a2af364d77a5a195-2f7308d35b74c9da-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:52+00:00, 2024-05-07T09:24:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66

142.250.74.40

106 kB

URL
www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (10899)
Size
106 kB (105834 bytes)
Hash
bdb1057041954cb52b9944da44176b1e
340c67887b719a49ca719056e4fffae3bea20d9b
f553adf5ad8e417acbee13c4d28bca82eadfbee16319deb63a35b4e1f2a8efeb

HTTP Headers

GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:59:49 GMT
expires: Wed, 08 May 2024 06:59:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105834
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

eventsstat.com/sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (11548 bytes)
Hash
00b6a563982ad5bc891353447ce8d41f
91e113e1fc407427d4f2b625f97c6a8b8a6d95cb
a396043df4d67e7dd880d20000a4520de9684473ff561c536e3af557bee5a540

HTTP Headers

GET /sfiles/logo_teams/b33c92ff01462e3cc1467a106787272c.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:49 GMT
content-type: image/png
content-length: 11548
last-modified: Tue, 25 Jul 2023 10:48:26 GMT
etag: "00b6a563982ad5bc891353447ce8d41f"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.052
accept-ranges: bytes
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V

142.250.74.40

200 OK

154 B

URL GET HTTP/3
www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
154 B (154 bytes)
Hash
cfbeaf604823f038b8b46f0ac862b98c
7b9eb1dac48e74fa5f418bc456cb410f88b81d98
20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319

HTTP Headers

GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:59:49 GMT
expires: Wed, 08 May 2024 06:59:49 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64314
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

200 OK

4.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
4.4 kB (4374 bytes)
Hash
247b334d5bcac17db2f2546685d4631a
e5a305eef6b234ab635d548adb82acbfa2b2e5ee
428e3d9b6eb44b5fa68ec012028021c8ddf9f12f1277547aed7b0b669483062f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:49 GMT
content-type: application/json; charset=utf-8
content-length: 4374
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:49 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=473268291.1715151590&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1172361826

172.217.21.163

42 B

URL
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=473268291.1715151590&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1172361826
IP
172.217.21.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=473268291.1715151590&gtm=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&frm=0&z=1172361826 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 08 May 2024 06:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

radar.cedexis.com/1707728419/stub.js

45.54.49.5

200 OK

271 B

URL GET HTTP/1.1
radar.cedexis.com/1707728419/stub.js
IP
45.54.49.5:443
ASN
#63911 NetActuate, Inc

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerDigiCert Inc
Subjectradar.cedexis.com
Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1
ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
271 B (271 bytes)
Hash
82dec77fd0353c7c71ce053b8601387e
fbbca95419e1d0c042e0a5fdf10f380aca66188c
39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7

HTTP Headers

GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 08 May 2024 06:59:50 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Wed, 22 May 2024 06:59:50 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip

eventsstat.com/sfiles/logo_teams/12399.png

83.147.204.194

200 OK

9.0 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12399.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9000 bytes)
Hash
32339104eef9c139456876aac5db4ac0
b32e3d8bd884b6b4950ea18673b97f9f79a5d911
b6087efad30afd309880977f0bcd98db6b6253e57ea247f985fd646d8de3162b

HTTP Headers

GET /sfiles/logo_teams/12399.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 9000
last-modified: Wed, 01 Feb 2023 14:16:03 GMT
etag: "32339104eef9c139456876aac5db4ac0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.049
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ec94cf91996e14ebe42d61b39b13ac02.json

178.253.29.51

200 OK

15 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/ec94cf91996e14ebe42d61b39b13ac02.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
15 kB (15004 bytes)
Hash
1a092ed797a1157aafa826b6ce3d0c29
336644dca1de3d83983809add0e569ebf63ba0cb
0ac64d60cee50706a9e25342e24ac495286763c51fb74c53a2de824cbc59c1fb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/ec94cf91996e14ebe42d61b39b13ac02.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 03 Nov 2023 08:45:11 GMT
etag: W/"1a092ed797a1157aafa826b6ce3d0c29"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/11809.png

83.147.204.194

200 OK

8.5 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/11809.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8499 bytes)
Hash
3f0705f2ef11ff3f2cdc0a5900a6a082
6701a2d3d4526b3571ee8e1f735f06f1222b0249
03088baece5d2ff9ca9d17b85ac849501aa8f53d7dfca5e165e0bd30a2b728ba

HTTP Headers

GET /sfiles/logo_teams/11809.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 8499
last-modified: Wed, 01 Feb 2023 13:55:05 GMT
etag: "3f0705f2ef11ff3f2cdc0a5900a6a082"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.044
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/13189.png

83.147.204.194

8.5 kB

URL
eventsstat.com/sfiles/logo_teams/13189.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
8.5 kB (8473 bytes)
Hash
ca1cee37350b938de1cea205ea2afc80
baaaf9d36a816544e76091ea4972d95a8085bf37
0a33309960f474e15d06b11b42748edaadb050c6eaa0082e3c198e2db5558074

HTTP Headers

GET /sfiles/logo_teams/13189.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 8473
last-modified: Tue, 24 Jan 2023 17:31:31 GMT
etag: "ca1cee37350b938de1cea205ea2afc80"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.047
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12763.png

83.147.204.194

200 OK

9.0 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12763.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.0 kB (9029 bytes)
Hash
3e78eafbbfca261f2d1cabbcf42aa119
fded45a704f16e0ad1a15990c3377d5511e0733a
3e26735514b613611003e24dae3da783efe9ca540c8657937f2d253aabb23064

HTTP Headers

GET /sfiles/logo_teams/12763.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 9029
last-modified: Wed, 01 Feb 2023 13:55:03 GMT
etag: "3e78eafbbfca261f2d1cabbcf42aa119"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.049
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12689.png

83.147.204.194

200 OK

8.2 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12689.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
8.2 kB (8183 bytes)
Hash
c2c3687eb84e75b87bd642dddfb13eb6
4e919feeabea698f3919aff47cc632f419979f71
412482179b1474f748d268f0d6bebf047f74f0e8fcc39e37c64a277093ff20e8

HTTP Headers

GET /sfiles/logo_teams/12689.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 8183
last-modified: Wed, 01 Feb 2023 14:15:42 GMT
etag: "c2c3687eb84e75b87bd642dddfb13eb6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.046
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/d9bab32d9788ee18de8ccafb3e183368.png

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/d9bab32d9788ee18de8ccafb3e183368.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (10731 bytes)
Hash
f778e450d349017492b6ed71892a6c04
fdf1db36bb6b8900b794807d0c3b37dd3cd58686
418c6b045e32b66815910315629979e168ff136d5a984f0836178329fa80aa22

HTTP Headers

GET /sfiles/logo_teams/d9bab32d9788ee18de8ccafb3e183368.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 10731
last-modified: Wed, 01 Feb 2023 14:15:04 GMT
etag: "f778e450d349017492b6ed71892a6c04"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.053
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/efb8daee8b027b525edadb47fbd300b2.png

83.147.204.194

200 OK

9.3 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/efb8daee8b027b525edadb47fbd300b2.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.3 kB (9312 bytes)
Hash
d8e7c45480b698a5ed8bb7992597bf66
1d0353f18a0b533310e6badc17e57b7ac6bdf90f
01c9d231bb9444620acc33f6cf736c063e5cfdb232b7d2a3a5b6fd9204d807ed

HTTP Headers

GET /sfiles/logo_teams/efb8daee8b027b525edadb47fbd300b2.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 9312
last-modified: Wed, 01 Feb 2023 14:15:28 GMT
etag: "d8e7c45480b698a5ed8bb7992597bf66"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.053
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/dde3733bfaa4da13ac79715b8ff79eaa.png

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/dde3733bfaa4da13ac79715b8ff79eaa.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (12343 bytes)
Hash
c02bfb06e3b2379dc2e1049b80add7a6
38d91b2be9ebc0506cf37cb15623c4ba2f4505c2
c4812d394fa75466e90f29d4e63dc7e5defe69903a81e0237b543bbe457ecb68

HTTP Headers

GET /sfiles/logo_teams/dde3733bfaa4da13ac79715b8ff79eaa.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 12343
last-modified: Wed, 01 Feb 2023 13:53:20 GMT
etag: "c02bfb06e3b2379dc2e1049b80add7a6"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.047
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12749.png

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12749.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (10824 bytes)
Hash
15a4de181a1fbe32aaea6f94e2c4388d
6cae1c0c247aa181163aa317f44a30626d9bfd09
3af40d5f265a534c58d608c009f9e7864e27ea57b73d9e4a6756ae07cdbdcb92

HTTP Headers

GET /sfiles/logo_teams/12749.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 10824
last-modified: Wed, 01 Feb 2023 14:15:29 GMT
etag: "15a4de181a1fbe32aaea6f94e2c4388d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.055
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e8ba09c03176f4ddcd54bba8a458386a.json

178.253.29.51

200 OK

14 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e8ba09c03176f4ddcd54bba8a458386a.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
14 kB (14495 bytes)
Hash
20d285fac7ad52949c5de0f88387b424
80d0d3e51b758859a919096e80302a98190d24b0
31c2c39ad556f891d345bf817ba5768e29aa640a606eb1f24763e898b1604242

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e8ba09c03176f4ddcd54bba8a458386a.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 16 Feb 2024 09:23:44 GMT
etag: W/"20d285fac7ad52949c5de0f88387b424"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/cb151152db93a8293a4bead299416b4c.png

83.147.204.194

12 kB

URL
eventsstat.com/sfiles/logo_teams/cb151152db93a8293a4bead299416b4c.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
12 kB (11654 bytes)
Hash
abc9c2b2ce2b60d7280da2b994b577fd
8754d8493bc7482acc58fee81d2b87da32dbc450
f09dc5d000985b23166dc11c9b7df9649d3683ace34dd5f4adbaf943b31f38cf

HTTP Headers

GET /sfiles/logo_teams/cb151152db93a8293a4bead299416b4c.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 11654
last-modified: Wed, 01 Feb 2023 14:15:17 GMT
etag: "abc9c2b2ce2b60d7280da2b994b577fd"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.049
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/8138df1a48103759480c088328c311d0.png

83.147.204.194

200 OK

13 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/8138df1a48103759480c088328c311d0.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
13 kB (12975 bytes)
Hash
7d1306ba7578d80256cc8731775b3793
71eea647539586491b20df16fdfca64ecfadacfc
edf2b0aad4c4d08ac9aae0e25492f374b094eed22ab32aa0bf388d8f70e5aaad

HTTP Headers

GET /sfiles/logo_teams/8138df1a48103759480c088328c311d0.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 12975
last-modified: Wed, 01 Feb 2023 14:15:35 GMT
etag: "7d1306ba7578d80256cc8731775b3793"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.054
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/cbebbcba9d376c69c768cfd1de2973e8.json

178.253.29.51

200 OK

19 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/cbebbcba9d376c69c768cfd1de2973e8.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
19 kB (18598 bytes)
Hash
840cfce321cff6ef3a6969da8314b04a
6877ccb25456a08f11454e6a1826d65568d61756
381c46e382a51627d0bcd8d1b73fe54fa9fecd47eb33fd369fd9441c11a63528

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/cbebbcba9d376c69c768cfd1de2973e8.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 03 Aug 2023 12:27:51 GMT
etag: W/"840cfce321cff6ef3a6969da8314b04a"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12773.png

83.147.204.194

11 kB

URL
eventsstat.com/sfiles/logo_teams/12773.png
IP
83.147.204.194:0
ASN
#202492 Silverhill Group Holding Ltd

Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (10658 bytes)
Hash
53f2adb70f1469dfc435c11fda04ed35
9fa9cefec6529ce9b727195748dac881eb64dcd4
357d77b60909ca798a03a7dec1283788f36b114f67ec990a39fa7bd63c56e540

HTTP Headers

GET /sfiles/logo_teams/12773.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 10658
last-modified: Wed, 01 Feb 2023 14:15:27 GMT
etag: "53f2adb70f1469dfc435c11fda04ed35"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.054
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12663.png

83.147.204.194

200 OK

8.4 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12663.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
8.4 kB (8441 bytes)
Hash
f69af546c71b0ae6ccd4679ed9daba9c
32c9ce226d4369ea5b644a47bf1f26955ebf5c2b
723c8b86e648efc533c22bd88c6ea8e234d15d3604f691b358869da42165d357

HTTP Headers

GET /sfiles/logo_teams/12663.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 8441
last-modified: Wed, 01 Feb 2023 12:01:11 GMT
etag: "f69af546c71b0ae6ccd4679ed9daba9c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.068
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/11805.png

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/11805.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (11095 bytes)
Hash
c33365de531c9d81b99b4210cf87de53
8e4b3352656b2cf8f79964cb0195558220889b50
31ca8888a06b8a3c7291c85d764da1f6b14882b8b1e0bda7b94185fabf263cb0

HTTP Headers

GET /sfiles/logo_teams/11805.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 11095
last-modified: Wed, 01 Feb 2023 14:16:06 GMT
etag: "c33365de531c9d81b99b4210cf87de53"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.069
X-Firefox-Spdy: h2

region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715151589516&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=473268291.1715151590&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715151589&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Flive%2Ffootball%2F118587-uefa-champions-league%2F530091694-paris-saint-germain-borussia-dortmund&dt=Live%20sports%20betting%20%E1%90%89%20Live%20scores%20%E1%90%89%20Live%20sports%20streams%20%E1%90%89%201xBet%20%3A%20live%20betting%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15029

216.239.34.36

0 B

URL
region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715151589516&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=473268291.1715151590&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715151589&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Flive%2Ffootball%2F118587-uefa-champions-league%2F530091694-paris-saint-germain-borussia-dortmund&dt=Live%20sports%20betting%20%E1%90%89%20Live%20scores%20%E1%90%89%20Live%20sports%20streams%20%E1%90%89%201xBet%20%3A%20live%20betting%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15029
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-7JGWL9SV66&gtm=45je4510v897130004za200&_p=1715151589516&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=473268291.1715151590&ul=en-us&sr=1280x1024&frm=0&pscdl=noapi&_s=1&sid=1715151589&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%2Flive%2Ffootball%2F118587-uefa-champions-league%2F530091694-paris-saint-germain-borussia-dortmund&dt=Live%20sports%20betting%20%E1%90%89%20Live%20scores%20%E1%90%89%20Live%20sports%20streams%20%E1%90%89%201xBet%20%3A%20live%20betting%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=15029 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Wed, 08 May 2024 06:59:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json

178.253.29.51

200 OK

23 B

URL POST HTTP/2
1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
23 B (23 bytes)
Hash
c25d08693eb69dc1d599ec6847659416
91254691b4d787251289700408cd16fe742dba57
b9af047d6c404c237c74efb8c3930d2f3c5165542762705a8ae95ec13b01fb09

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
Content-Type: application/json
X-Lang: en
X-Uuid: 55a35bab-fadd-4aee-bb67-bc3438d8c495
Content-Length: 99
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c

142.250.74.40

200 OK

71 kB

URL GET HTTP/3
www.googletagmanager.com/gtag/js?id=UA-131019888-1&l=dataLayer&cx=c
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type
JavaScript source, ASCII text, with very long lines (1822)
Size
71 kB (70859 bytes)
Hash
17bc3aa4f8c9c8f5d7f73c293b0c41a3
5a88885576d699c68ebb7314d6fff34025f1174e
36b9ca4b8c2d9fecc385904faa889c1bf34d4af5cf843ab0bdd3e3c39b2b160c

HTTP Headers

GET /gtag/js?id=UA-131019888-1&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:59:50 GMT
expires: Wed, 08 May 2024 06:59:50 GMT
cache-control: private, max-age=900
last-modified: Wed, 08 May 2024 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 70859
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

67 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
67 B (67 bytes)
Hash
356a755160619fcbe850aae01879e375
29192606f35c2b9f929939371b89044e2fd787e7
6b3c8c41f9f19e4f639b40ea002af843f5219ed9abe7d4398c7edb4648f89a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:53 GMT
content-type: application/json; charset=utf-8
content-length: 67
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:48 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

200 OK

2.3 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.3 kB (2285 bytes)
Hash
1c87efc960150e6b71daa66ec0c60c0d
b0badca796cf2c976825018d242a4186dbcd7e51
c84b984cec373fe95efaffeeb765709a588da7e336cc5a711062ac5ded2f99fa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:54 GMT
content-type: application/json; charset=utf-8
content-length: 2285
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:54 GMT
vary: Accept-Encoding
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.017
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

200 OK

259 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
259 B (259 bytes)
Hash
2bc6a7dfea22a69ab35946463edf2753
94716f276d6696366c18b065a2c6ef638a28c89f
5adc56c5dd4970cc93251ab69b375b2e3d3a1767ddccdc6ae510a29362a37115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:54 GMT
content-type: application/json; charset=utf-8
content-length: 259
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:54 GMT
vary: Accept-Encoding
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

200 OK

4.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
4.4 kB (4374 bytes)
Hash
247b334d5bcac17db2f2546685d4631a
e5a305eef6b234ab635d548adb82acbfa2b2e5ee
428e3d9b6eb44b5fa68ec012028021c8ddf9f12f1277547aed7b0b669483062f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:54 GMT
content-type: application/json; charset=utf-8
content-length: 4374
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:49 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

67 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
67 B (67 bytes)
Hash
356a755160619fcbe850aae01879e375
29192606f35c2b9f929939371b89044e2fd787e7
6b3c8c41f9f19e4f639b40ea002af843f5219ed9abe7d4398c7edb4648f89a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:58 GMT
content-type: application/json; charset=utf-8
content-length: 67
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:58 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

200 OK

4.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
4.4 kB (4389 bytes)
Hash
79e84380e47f74e648ac88ee356b2a17
3d368dba237cc4891b0200d3ae494d6012a2a56f
aeaf3deb4910a6b9c41fc4bc0d2cece657ca80a9c9198b73b6bf6a90bf89dfdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 4389
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.020
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en

178.253.29.51

200 OK

645 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
645 B (645 bytes)
Hash
2b80b6140b1081fbcc778c9a4cf4f9b8
f493af71cbbd650bbecd1010825768156e474c1e
d1c7da06f49abd69e00504fcac037261654977f5520cfc251f6fdca94eadd95d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 645
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/9c8a2330e46299436e60982598c0196a.webp

185.244.209.62

610 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/9c8a2330e46299436e60982598c0196a.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
610 B (610 bytes)
Hash
9d8ce81c334a855c8c38663e51c82256
fc1ec6a6b1f062930f033eea3cd52ea5b68884aa
ecfca4bb4f2c9de77fe0bbfeb8fd22808cb062e9fbebd2cac4a60c0ca5bd5d3b

HTTP Headers

GET /resized/size16/sfiles/logo_teams/9c8a2330e46299436e60982598c0196a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 610
cache-control: max-age=94608000
content-disposition: inline; filename="9c8a2330e46299436e60982598c0196a.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 11:37:34 GMT
x-request-id: 12d10f51cbbae071404cd12fc3e25774
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a615ce28f28fc428f911bd7bf43536fe-675422893353e3d8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:37:34+00:00, 2024-05-08T06:32:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/56e00ec1da6f297e9531c9e736246118.webp

185.244.209.62

598 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/56e00ec1da6f297e9531c9e736246118.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
598 B (598 bytes)
Hash
cc4669036ba2f89e78f81db5bd9eb0db
7cdf2b3640b08d6f93c4f98755583c17902d712b
2bd0c4cb97f5df3f51ac9d4e1da3dcf2565a001a849f0af5da3dd0edd61d918b

HTTP Headers

GET /resized/size16/sfiles/logo_teams/56e00ec1da6f297e9531c9e736246118.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 598
cache-control: max-age=94608000
content-disposition: inline; filename="56e00ec1da6f297e9531c9e736246118.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 04:30:03 GMT
x-request-id: 9ad512be37def8fe91b9b4efbdbbbd1a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-10cf515176a22ea9a512fd573c7680d5-eecafae740bafd61-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T04:30:03+00:00, 2024-05-08T06:32:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/0c4a2052996dfea80fb98eb9b187006a.webp

185.244.209.62

782 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/0c4a2052996dfea80fb98eb9b187006a.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
782 B (782 bytes)
Hash
8ad60498675b5ae0338462f5cecf9a07
59aa917a089d59c8c55a82b438a229741f0453c4
059d90aee8a33314e2c7c48c847924d09b66ea812387dc4be0c394c010a0c753

HTTP Headers

GET /resized/size16/sfiles/logo_teams/0c4a2052996dfea80fb98eb9b187006a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 782
cache-control: max-age=94608000
content-disposition: inline; filename="0c4a2052996dfea80fb98eb9b187006a.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 06:16:12 GMT
x-request-id: f5fddab23bc2578c74f87a333ce6f43c
x-time-ng: 0.088
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f1e5f26a79337f6baa96b42fba7636ff-046405a78f3e12e0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T06:16:12+00:00, 2024-05-08T06:16:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/208a849dcce397457f2395565dd9ad7c.webp

185.244.209.62

816 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/208a849dcce397457f2395565dd9ad7c.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
816 B (816 bytes)
Hash
b6f4a7d749e8f455a1b90fcf1d1839f4
91bbdbdf4e01f3a28c2d0744f51c9e518ddd7045
1e8afcb83d064c88d086a4e3a75c017ff53a55d5178b310d602518b48d23792c

HTTP Headers

GET /resized/size16/sfiles/logo_teams/208a849dcce397457f2395565dd9ad7c.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 816
cache-control: max-age=94608000
content-disposition: inline; filename="208a849dcce397457f2395565dd9ad7c.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 06:16:12 GMT
x-request-id: 1fb9d708b3a44b66267d1f1c382148bf
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-831a74f13a28a16163bcb80d0edd4e6f-9f1aae3c9e8772d4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T06:16:12+00:00, 2024-05-08T06:16:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/3280.webp

185.244.209.62

706 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/3280.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
706 B (706 bytes)
Hash
eb6394c569a20a918efb1c9b44dca56a
e10ba0ec508005dcb148271961023cb0a77b66c4
223431100d452bdf5919eb8239346eac714729a6caeca09a1279b811c3a7ea7e

HTTP Headers

GET /resized/size16/sfiles/logo_teams/3280.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 706
cache-control: max-age=94608000
content-disposition: inline; filename="3280.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 01:57:40 GMT
x-request-id: 427242ba71f144834a171e1dcae41ea1
x-time-ng: 0.078
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2178d3a6bf6bd62f7312ee18a93813c5-d66ccc79937be4c6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T01:57:40+00:00, 2024-05-08T05:57:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/5da03585c333cf46b42b284459b9b034.webp

185.244.209.62

766 B

URL
v3.traincdn.com/resized/size16/sfiles/logo_teams/5da03585c333cf46b42b284459b9b034.webp
IP
185.244.209.62:0
ASN
#199524 G-Core Labs S.A.

Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
766 B (766 bytes)
Hash
0c84185b8f881187207736c785fed798
403a3925ecb8e13302520f302d70161b4875efbe
89b12c4440e36b2fcb77e852d702b6e82eeb21abee259060ecfa274ecd1bde4a

HTTP Headers

GET /resized/size16/sfiles/logo_teams/5da03585c333cf46b42b284459b9b034.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: image/webp
content-length: 766
cache-control: max-age=94608000
content-disposition: inline; filename="5da03585c333cf46b42b284459b9b034.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 01:57:40 GMT
x-request-id: e39b95d22a5272560ea73607ebc185f8
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c73f6dddd1aa75d5c51265dc9d25f808-643055bf4a9b0c41-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T01:57:40+00:00, 2024-05-08T05:57:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en

178.253.29.51

200 OK

645 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
645 B (645 bytes)
Hash
2b80b6140b1081fbcc778c9a4cf4f9b8
f493af71cbbd650bbecd1010825768156e474c1e
d1c7da06f49abd69e00504fcac037261654977f5520cfc251f6fdca94eadd95d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetLiveExpressExtendedZip?lng=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 645
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en

178.253.29.51

200 OK

645 B

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
645 B (645 bytes)
Hash
99623f54858431c8921356c88d616841
0616137e833c0b509113f6074ff5be7af45db8d5
15a92c4459593382ab2e031a05cd9a1d09e21866a4ad4cd21050542d33c278fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 645
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en

178.253.29.51

200 OK

645 B

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetExpressDayExtendedZip?lng=en
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
645 B (645 bytes)
Hash
99623f54858431c8921356c88d616841
0616137e833c0b509113f6074ff5be7af45db8d5
15a92c4459593382ab2e031a05cd9a1d09e21866a4ad4cd21050542d33c278fc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetExpressDayExtendedZip?lng=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:00 GMT
content-type: application/json; charset=utf-8
content-length: 645
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

67 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
67 B (67 bytes)
Hash
356a755160619fcbe850aae01879e375
29192606f35c2b9f929939371b89044e2fd787e7
6b3c8c41f9f19e4f639b40ea002af843f5219ed9abe7d4398c7edb4648f89a33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetGameZip?id=530091694&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:03 GMT
content-type: application/json; charset=utf-8
content-length: 67
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:58 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66

178.253.29.51

200 OK

2.3 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
2.3 kB (2313 bytes)
Hash
b6c187064ba66abb42f22d2cae776170
c6f4f404f69a802918abb8f53db625e0c43846ca
ee1ac9939125bed3a64717662511dae8a3b6f2d424aeb1d25a4991a102d54381

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:04 GMT
content-type: application/json; charset=utf-8
content-length: 2313
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:04 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137

178.253.29.51

200 OK

259 B

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
259 B (259 bytes)
Hash
2bc6a7dfea22a69ab35946463edf2753
94716f276d6696366c18b065a2c6ef638a28c89f
5adc56c5dd4970cc93251ab69b375b2e3d3a1767ddccdc6ae510a29362a37115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:04 GMT
content-type: application/json; charset=utf-8
content-length: 259
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:04 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true

178.253.29.51

200 OK

4.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
4.4 kB (4389 bytes)
Hash
79e84380e47f74e648ac88ee356b2a17
3d368dba237cc4891b0200d3ae494d6012a2a56f
aeaf3deb4910a6b9c41fc4bc0d2cece657ca80a9c9198b73b6bf6a90bf89dfdf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LiveFeed/GetSportsShortZip?sports=1&champs=118587&lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiMGh2ejJRWXRxaTNqQjg5T2svNElsVjVabUMvUzU0VnM5NmVCbUY2ZXVNUnEyMTlzQkVhS1NmREY1emkydG9ORThLVERBZ1RJS0xqck1uVGhENjEveTM4SnYvakNNajZKTVdsc3lveCsydjBWell1VDFiZmlWQXZJRUcyT3BFdGFrMkpNdlVrQ1dDTWsrL2d1NlI0aWpzcGpQdjRvQU1YQjJiYnVjVDFsR2hlOXFXaVJleW5FaHNiU2lzOUx0ekw1UE53cUZBR1Q2b3VTQ3p0ajJCUFNYVFB0ekJGSnVNZE1rR2NEM2ZZbnpSZkIzaENaQTQ0c09yRStLTkNDVWxDc2ZPbElnTHBxbU12L2ZnQzlSN08wYi9DWXZETEtCalpNVldWcmNMbU8yTHJXIiwiZXhwIjoxNzE1MTY1OTg4LCJpYXQiOjE3MTUxNTE1ODh9.yD8K3lSdHcs7lqi7b0Y_PCvXmm65qUV7G7XwjrgVsaqcvlxHHh49HjGugVnYbxg9vnVSVcsCI8A5t13ETCK65A
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2; _ga_7JGWL9SV66=GS1.1.1715151589.1.0.1715151589.60.0.0; _ga=GA1.1.473268291.1715151590
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:05 GMT
content-type: application/json; charset=utf-8
content-length: 4389
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 07:00:00 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

pp23vi1.com/static/pixel.gif?1715151605976

178.253.14.123

43 B

URL
pp23vi1.com/static/pixel.gif?1715151605976
IP
178.253.14.123:0
ASN
#202492 Silverhill Group Holding Ltd

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /static/pixel.gif?1715151605976 HTTP/1.1
Host: pp23vi1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 07:00:06 GMT
content-type: image/gif
content-length: 43
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: no-cache
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/a85c5ff.css

83.147.204.194

200 OK

177 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/a85c5ff.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
177 kB (176643 bytes)
Hash
cb6bc1be312eff46dbc57f0607dea901
280607861a70cb685e99fb31ef20616c1785edff
44f9efe8ef61b2f4a958e10a0913a12849c828e0f85e61000d48958bd35abd08

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/a85c5ff.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"cb6bc1be312eff46dbc57f0607dea901"
x-amz-meta-mtime: 1714822493.64920937
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js

185.244.209.62

200 OK

101 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (35828)
Size
101 kB (100701 bytes)
Hash
51ddc52774f4e5bd6a6f1c22e9d19674
374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4
642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1715000580.87646382
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e76f9a814630ba2d11df3814d52744dd-fa03333edad418c4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/8b6e4a5fa23705aa067893e3285293af.png

83.147.204.194

200 OK

21 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/8b6e4a5fa23705aa067893e3285293af.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
21 kB (20724 bytes)
Hash
b85dbb68a700d0cece6ea71c6bed047b
c29a072e67594bd4cf4f9bd9563ea7a533d6f8c6
767d1546058b6e8021f0898c83aad26f22eb46a0ebd015badad302058b87450a

HTTP Headers

GET /sfiles/logo_teams/8b6e4a5fa23705aa067893e3285293af.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 20724
last-modified: Wed, 01 Feb 2023 09:10:50 GMT
etag: "b85dbb68a700d0cece6ea71c6bed047b"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.069
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js

185.244.209.62

200 OK

69 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (32238)
Size
69 kB (68856 bytes)
Hash
138de5d55ee831195dd90bbf5c557926
4413082980942643803d8d4567df2f8395c0e868
55a6d9d38b0c68a21367ae7ae43333bfa61e2eddd38b2376eb5b192f0a0383cd

HTTP Headers

GET /sys-static/shared-assets/__shared_sweetalert2_X3CQ7PJQ.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"138de5d55ee831195dd90bbf5c557926"
x-amz-meta-mtime: 1715072814.261664647
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:14 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a5ef523ef7f3b8ee8cd41a215666a3cf-60d0cbae5477670e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:14+00:00, 2024-05-07T15:56:16+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json

178.253.29.51

200 OK

14 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
14 kB (13782 bytes)
Hash
00016d59394dbec5ec0fb1cc7cc87f70
ac61517dc4d77edd46e06aa66dca8b47e21fc64a
d8a350d41a5611bf32b7c03888b7bd9921eb2b016760c22d95fd5f6cb0c2e8ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/4e38cdf2b5d77aba4fb2630db5d13097.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 25 Mar 2024 15:12:10 GMT
etag: W/"00016d59394dbec5ec0fb1cc7cc87f70"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO

178.253.29.51

200 OK

27 kB

URL GET HTTP/2
1xlite-461430.top/paysystems/information/systems?lang=en&ref_id=1&geo=NO
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
27 kB (26865 bytes)
Hash
b37f7c2a19f7e14b5b834ec5532af277
473d039dc440744109c049a49da67a08e7157cbe
269006ae20bef66e40b26843e6e400dab00f45c297ea9a50ce467a2b9d3694bb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /paysystems/information/systems?lang=en&ref_id=1&geo=NO HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json
cache-control: max-age=0, must-revalidate, private
content-encoding: br
expires: Wed, 08 May 2024 06:59:39 GMT
set-cookie: application_locale=en; expires=Fri, 07 Jun 2024 06:59:39 GMT; Max-Age=2592000; path=/; secure; samesite=lax
traceparent: 00-6709ffe729f39b76d2e0d5e7fafc7cc0-fd35c60e0507f5b4-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.232, 0.235
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=234.966, wf-uht;dur=0.243
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js

185.244.209.62

200 OK

40 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (39925), with no line terminators
Size
40 kB (39925 bytes)
Hash
5609f3d5d46109e5230f492c3d89cdcd
522c0a551da1db7753e72b6a629064a6170791d9
13f2ef217e2e8cc997cbcaa97126a6c31430ae1d073e406944364fb5f45f70e7

HTTP Headers

GET /_nuxt/desktop/default/vendors/Registration.Fields-07683518.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/javascript; charset=utf-8
content-length: 8880
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-22b0"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2ea9939867985e528eb2e65fad153d49-38ead35ada409027-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:25+00:00, 2024-05-07T15:30:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/26deec4046e2e58843ba18416c974888.json

178.253.29.51

200 OK

3.9 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/26deec4046e2e58843ba18416c974888.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (4215), with no line terminators
Size
3.9 kB (3854 bytes)
Hash
1b637a391a2c7af0ab37ca2a17e54cce
351de8a908cd480471ecddec6f4d3be70383f360
683f8e37ff636a8c6d514f64622d78a22a8614627394e4c07e08fcd8e51acb32

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/26deec4046e2e58843ba18416c974888.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 02 Aug 2023 19:14:13 GMT
etag: W/"4fbd88daf682e044bae4a64e94480218"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H

142.250.74.40

200 OK

300 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-7V60YW2S5H
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE
ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT

File type

Size
300 kB (300096 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /gtag/js?id=G-7V60YW2S5H HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 08 May 2024 06:59:47 GMT
expires: Wed, 08 May 2024 06:59:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 101748
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js

185.244.209.62

200 OK

4.2 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4298), with no line terminators
Size
4.2 kB (4217 bytes)
Hash
d80f393ce61ec27614a1778a306f13a4
d444960930ebcbc54be463a1d0c02f08cd2ce615
8276d8b9c4d7f3fbe6086fcfc1ab608c257923fa06ef96fd43670dd15873a77f

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/3a9e96a04d11.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"da4fcf0e06e63dbfcf3058f435e0a172"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3ecaf1d7ff4f915d8545a5ef1fcde644-79ea20b438aeb962-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/12673.png

83.147.204.194

200 OK

9.9 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/12673.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
9.9 kB (9867 bytes)
Hash
bf67202e03b392e82ccf9e4c6318119c
139b8412d74dae00cddc7d9b94ccbb1127585b82
cc19dc801441029ac74c064378b359b5f2b8c73d5e724150e9e40be7ed568292

HTTP Headers

GET /sfiles/logo_teams/12673.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:50 GMT
content-type: image/png
content-length: 9867
last-modified: Sat, 28 Jan 2023 17:02:24 GMT
etag: "bf67202e03b392e82ccf9e4c6318119c"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.055
X-Firefox-Spdy: h2

widget.suphelper.top/

172.64.148.184

200 OK

496 kB

URL GET HTTP/2
widget.suphelper.top/
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type

Size
496 kB (496420 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/html; charset=utf-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=60, stale-while-revalidate=30
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8807917dbbb85693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

1xlite-461430.top/hd-api/external/api/web/v1/j/b1ai8j485i844j8395c466291d4569b7223eb0b26bb10aa5edb9

178.253.29.51

200 OK

619 B

URL POST HTTP/2
1xlite-461430.top/hd-api/external/api/web/v1/j/b1ai8j485i844j8395c466291d4569b7223eb0b26bb10aa5edb9
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (625), with no line terminators
Size
619 B (619 bytes)
Hash
801e9be4733ac829c2a88b2eca497f25
86b831483258f29c3366e4819ed214debf840d42
e36b25d0741c3e0b00c0aa60b20359f5108aae3d833aaa1ef4b3bf4f8a2397d1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /hd-api/external/api/web/v1/j/b1ai8j485i844j8395c466291d4569b7223eb0b26bb10aa5edb9 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105916
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: application/json
content-length: 517
content-encoding: gzip
traceparent: 00-d68a80245a66b9c25252c45b4f3e6749-827749813de6bbb5-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 26ee33826568ef5fea324755a21fba35
x-time-ng: 0.010
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=9.814, wf-uht;dur=0.031
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg

178.253.29.51

200 OK

263 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
SVG Scalable Vector Graphics image
Size
263 B (263 bytes)
Hash
dbc38523726c88d79a0dcc19839a6905
5244c0aeaf9bbffb286ca9156844c4a509a5585a
6711e073efb320b48b648ac5e2e30e88c93829d80ed571b4d3c92cf4e56e4fa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/logos.svg

185.244.209.62

200 OK

43 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.328/285/logos.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
43 kB (42787 bytes)
Hash
c45fb3adb3e47bdbd03c88fc4c4309aa
9ce991739a2879970ba12baf56108c8fcdefefb1
61d5aead50750c6e8a7bfde801abbf6f4ab75e387fdcc748ec6784e219e4d727

HTTP Headers

GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7ea9f69906f91918db6f669fcc50d341-484edcfce7ba083d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-icons/1.0.328/285/common.svg

185.244.209.62

200 OK

147 kB

URL GET HTTP/2
v3.traincdn.com/sys-icons/1.0.328/285/common.svg
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
147 kB (146981 bytes)
Hash
7bf3e9e7d79beac942f5e7748a3af2e6
7c6896ef647506806f2cdbe998d8c9eb845a1754
663e2fc5004af9c6c1969fc5827d7ffdbfeec8d4753efd831208cb179f0a488f

HTTP Headers

GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6eb94d3c48683dc1294c162eec8f1d46-09576b3c5a30eeb7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js

185.244.209.62

200 OK

416 B

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (420), with no line terminators
Size
416 B (416 bytes)
Hash
6011b66368f5cfa94df268ae2f300123
b647b48d45aebf320951314c1b4d35fca243b60f
ad59ad143c1dd3a37994edc368bec10f659759271f242d10a477c5f39cb19425

HTTP Headers

GET /_nuxt/desktop/default/DownloadAppWidgetAnalytics-2f154c8d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 365
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-16d"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-91207840f48c980b6bd9d40338b2e752-253def77501f72c5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:30+00:00, 2024-05-07T15:29:44+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json

178.253.29.51

200 OK

884 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (974), with no line terminators
Size
884 B (884 bytes)
Hash
73177e72cd29dd7ce6b1b687d5e81dc0
5ae507604a9e46ffa8a9eec733d41ff4e77441b9
1de297b5b2bc3a2d536ab86a5f6629798f5e26712d3ce377b272e8badb8ba5c5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b0276b0a7ae86d0dc87c292efc4ad16c.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
content-length: 884
last-modified: Thu, 31 Aug 2023 12:36:01 GMT
etag: "c2eb16bc46aea587d16e3eb8bff889ad"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css

185.244.209.62

200 OK

5.2 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (5171), with no line terminators
Size
5.2 kB (5171 bytes)
Hash
5d231bea9b7df6bc1e9e74e3c0a231e1
2ef607f0c766fff1b4b1e90a2d98e7094c81721e
c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b

HTTP Headers

GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: text/css
content-length: 1050
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41a"
content-encoding: gzip
expires: Wed, 08 May 2024 08:09:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f837a91b7be84534ec3688747c410f37-3c8abeb109b999d1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:09:31+00:00, 2024-05-07T12:50:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/52a4582.css

83.147.204.194

200 OK

602 B

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/52a4582.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (602), with no line terminators
Size
602 B (602 bytes)
Hash
1376a221fd8aef4babfe7e62b0625b58
7f4347a56520575495cd22b71f8cf58a952f521a
8f093ac5ffb16a560fc8780a329274c8c5d1e8d2a7142d5b79a6ae8ac0b5d2cf

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/52a4582.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
content-length: 602
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: "1376a221fd8aef4babfe7e62b0625b58"
x-amz-meta-mtime: 1714822493.64920937
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/a164815.js

83.147.204.194

200 OK

1.6 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/a164815.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1625), with no line terminators
Size
1.6 kB (1573 bytes)
Hash
23563d4cb42e00678f561c16d98ed561
9deed0da70355bc57f0620a527fa97768e7f8701
b847439d31bdbc553253cc19ec094a7833ecb4eaf9ed2e1814c5abc5ada1b9cc

HTTP Headers

GET /statistic-app/sys-static/desktop/default/a164815.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"ee5b0bece0112f7a04533fc179e3d381"
x-amz-meta-mtime: 1714822493.665209092
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json

178.253.29.51

200 OK

1.4 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1544), with no line terminators
Size
1.4 kB (1403 bytes)
Hash
a47375b5a25fe5339714760cc85421f6
465c140c2ccf1776984f6d3530020d6d6ca5cfc0
45cfa66ca597afa421464833adcb8e12daf2dbb3eeb5216115e0da75bc406167

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/12d8ee2576692fff036a68507fb52970.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Thu, 14 Mar 2024 18:43:34 GMT
etag: W/"38f190a4cb1989aed041659da0a372aa"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/10513.webp

185.244.209.62

200 OK

806 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/10513.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
806 B (806 bytes)
Hash
467d743015a228650eef34f3aa8c06d3
41ac7299b7752b91accc00b278c6781d53f25bc9
11840fb3cdbcef0b52898e2101e6ccc350401949c73d63b3a356fdfa627270db

HTTP Headers

GET /resized/size16/sfiles/logo_teams/10513.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 806
cache-control: max-age=94608000
content-disposition: inline; filename="10513.webp"
content-security-policy: script-src 'none'
expires: Sun, 14 Mar 2027 15:05:24 GMT
x-request-id: fe00e3ed90c5e8568d38c742f4cdad1c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-175865d745fbcdbc17a6451e5b5988a6-13c51d2679f306c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-14T15:05:24+00:00, 2024-03-19T13:09:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js

185.244.209.62

200 OK

424 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (441), with no line terminators
Size
424 B (424 bytes)
Hash
f911ee0234277e327d2c022f302a7c00
8bb8735151af34da1b8b5535d8edba40ef651880
8d6afd5d1b2268065bd9d67a99b954636dc4fb05939280c2a32738040f8fb0e5

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/c7de6303dfb7.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 424
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "33e7498a57ccd45d4321735d481a7313"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-300e22936d7b49a47fdae6176ae0b209-c3c4c7eaac4a18ad-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json

178.253.29.51

200 OK

499 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (548), with no line terminators
Size
499 B (499 bytes)
Hash
c1574b1ad8ae9c853e29a24f9ced1c91
10ecbaca4fef4ab5b8adade0599ed34932c6f02b
e60bd60736dd06de64d6901d8cd810dcf4a88049f27f948b55871264c3bb89d9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e06c9d6a2655d78a28144abe88798172.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 499
last-modified: Mon, 05 Jun 2023 14:13:26 GMT
etag: "e3d17d66f9e675ca9273e04470203275"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/GetGameZip?id=211655412&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1

178.253.29.51

200 OK

100 B

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/GetGameZip?id=211655412&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
100 B (100 bytes)
Hash
a7066d6747852a64adda62e7ce91bd36
fc3e0110e548a315ed0ebbe2aa2b97248905b273
f868cf37b5e9133f984ec443b8aa7e9430b37389f3aa821ea192bce111f4f528

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/GetGameZip?id=211655412&lng=en&isSubGames=true&GroupEvents=true&countevents=250&grMode=4&topGroups=&country=137&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: application/json; charset=utf-8
content-length: 88
cache-control: public, max-age=5
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:42 GMT
vary: Accept-Encoding
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/15a8c4906c0d2f2495992ff74bd59dd1.webp

185.244.209.62

200 OK

702 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/15a8c4906c0d2f2495992ff74bd59dd1.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
702 B (702 bytes)
Hash
bf80a3023d2c62586c45bc42d20a0e1c
2db14a650b4395e1cd96d83cf3b5a4ea0e0243b0
e53a81e4c60f984ac8d0b78a44bd0ec041f312f3008f2c90c81d7db333f247a0

HTTP Headers

GET /resized/size16/sfiles/logo_teams/15a8c4906c0d2f2495992ff74bd59dd1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 702
cache-control: max-age=94608000
content-disposition: inline; filename="15a8c4906c0d2f2495992ff74bd59dd1.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 00:25:39 GMT
x-request-id: c455632ed1ceac2c9b2cf7f29a107b76
x-time-ng: 0.024
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4914628d0ff7a12ea4d32895418947fc-501e09971bb96c97-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:25:39+00:00, 2024-05-07T21:40:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js

185.244.209.62

200 OK

25 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (17403)
Size
25 kB (25139 bytes)
Hash
701ad5a22b8ea7213a53e334d0898349
87749d947f6aa40eb671447b58261d710ec5479b
07669c2ea7c29dd69e47f5518ba73b76389f3479e19f7362b461ef0fff96c1f0

HTTP Headers

GET /sys-static/shared-assets/__shared_vue_final_modal_XPPMTKII.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"701ad5a22b8ea7213a53e334d0898349"
x-amz-meta-mtime: 1715000580.880463816
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-465067885a4f048f70e6a2ee79508d65-9844671a53df4272-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json

178.253.29.51

200 OK

12 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
12 kB (11769 bytes)
Hash
9e5da15e44d6b6bab0cfc7c07ba9495d
4a67254b45112089d0833028de0c9c81acb930a3
0d51ae7eaa1511001f9b8b562a49d1b55d177a655f26035364485f02d5384af9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/e781b67ba2558128946fd2f9d870ffcb.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Sat, 20 Apr 2024 09:17:16 GMT
etag: W/"9e5da15e44d6b6bab0cfc7c07ba9495d"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/cce25522580165589a18f52d2107f05a.webp

185.244.209.62

200 OK

694 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/cce25522580165589a18f52d2107f05a.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
694 B (694 bytes)
Hash
a72656c18bcf66f0e83d61e79bb60c4f
160acbe3cae7cc3912b613f6b3ba299300a2ae81
542efa59acba1f2e06a23cf722fa955cc6187a8523b624e4d5033f89010c0f80

HTTP Headers

GET /resized/size16/sfiles/logo_teams/cce25522580165589a18f52d2107f05a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 694
cache-control: max-age=94608000
content-disposition: inline; filename="cce25522580165589a18f52d2107f05a.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 11:41:53 GMT
x-request-id: 62f98453c19d377ba3a6e6a395000300
x-time-ng: 0.034
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8668f831f4e807e1b26d65a470328f32-c8be0733df47565f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T11:41:53+00:00, 2024-05-07T21:40:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js

185.244.209.62

200 OK

41 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (41364)
Size
41 kB (41365 bytes)
Hash
de79bf6739658de7bc537d692f3638fe
1e7a3af0be67bc48ac8f184324daff5f1422ac26
35f8f183f2c85dfafed1127ec3f72da678b9eea861b4083672ae4580ff6a0af0

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"de79bf6739658de7bc537d692f3638fe"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:51 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3735fbc97cddd5055c6561593367ffa8-26faf01a1c4255ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:51+00:00, 2024-05-07T17:01:36+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/85e6f6a.js

83.147.204.194

200 OK

7.1 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/85e6f6a.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (7285), with no line terminators
Size
7.1 kB (7113 bytes)
Hash
839351f2b02f5dff35cf4f3c8d7dfc53
92a500454fbd29c1b260c6420e28cdb673fe24ee
bc900420dfbfa581ac21fe98eb2b7b47cdd77956b2976954451fe76f0cf7f79f

HTTP Headers

GET /statistic-app/sys-static/desktop/default/85e6f6a.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"ddd0e8b8a0f068bbbea042b7e3ef1878"
x-amz-meta-mtime: 1714822493.661209161
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/895fe4c.css

83.147.204.194

200 OK

6.8 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/895fe4c.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (6763), with no line terminators
Size
6.8 kB (6759 bytes)
Hash
381e86080aee445d0651c61a868697c5
d2d327402c3ea36f71090f79f1d78f977fc336da
402e03c346f59bc3ab9eaa183d9216680d129a6e5b3a073d54d13edeb9dedf7a

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/895fe4c.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"ad452b2d2bdd160972849c0cf57e8050"
x-amz-meta-mtime: 1714822493.661209161
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png

185.244.209.62

200 OK

5.2 kB

URL GET HTTP/2
v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
PNG image data, 514 x 514, 8-bit colormap, non-interlaced
Size
5.2 kB (5202 bytes)
Hash
b9a636eef54b2844b571fe7de49184a7
bf653690790ced40eb3189da075a275d951d1607
001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-59b8844628c764bb1bf26d233afc07e8-3fe83efa031ea602-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-03T07:12:40+00:00, 2024-05-08T06:43:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/ed42bca43806de0153823b833d924685.webp

185.244.209.62

200 OK

742 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/ed42bca43806de0153823b833d924685.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
742 B (742 bytes)
Hash
e9cdce5f697ae724089210f422e66f74
6504d9b7c7058c4160814ff249de9215ea2435da
54d524824a6b69d9e98d5e2a0378cd40c76ac65e02cc8705d51b5ca2e0121635

HTTP Headers

GET /resized/size16/sfiles/logo_teams/ed42bca43806de0153823b833d924685.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 742
cache-control: max-age=94608000
content-disposition: inline; filename="ed42bca43806de0153823b833d924685.webp"
content-security-policy: script-src 'none'
expires: Sat, 08 May 2027 06:15:52 GMT
x-request-id: 35b70e2c4fe670a2b228171c7871aab7
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7d8f80da1fa95e135d099bf625b51724-199e1c7d1ef9c6a9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-08T06:15:52+00:00, 2024-05-08T06:15:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/a3df5d5.css

83.147.204.194

200 OK

5.4 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/a3df5d5.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (5397), with no line terminators
Size
5.4 kB (5391 bytes)
Hash
2169b65ad685d31333692b3fa8abe3f8
caf07aad85ff6138490ccab29ded99581f9c7213
01a029b7a2c890b8d9445e180cc38aca322d8a38b854663827c5e645ee5208db

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/a3df5d5.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"8bfb2bd8c90c5074270ef85da1d624ce"
x-amz-meta-mtime: 1714822493.665209092
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2

widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2248f284c5-217a-4f3c-9da7-76cb91b7e1c2%22%7D

172.64.148.184

200 OK

24 B

URL GET HTTP/2
widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2248f284c5-217a-4f3c-9da7-76cb91b7e1c2%22%7D
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
24 B (24 bytes)
Hash
d6bacfff68d40ad2744454c2506cc0f9
85f1f094d174fd4d78bd382c7948b95e9db93215
cd0483a083f6c73e9cd006ee073b875188c49f4025f771ecbcb795d40ac980ed

HTTP Headers

GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%2248f284c5-217a-4f3c-9da7-76cb91b7e1c2%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 880791866db55693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css

185.244.209.62

200 OK

104 kB

URL GET HTTP/2
v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104302 bytes)
Hash
ac3b78bdd1c881f78913b967fd22a91f
15295665baa2ccaf71e8a093f333d087621a17ee
ee4c84a2fe257a888fcec5809b67b563aba3a4c52f102154ffa19a685434d835

HTTP Headers

GET /_nuxt/desktop/default/css/035c0001.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:36 GMT
content-type: text/css
content-length: 13859
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3623"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a0fc554c6ebedf622009305050b88fa5-46fd021097cb1cdf-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/7fcc0babdf76235a78accd661321a15e.png

83.147.204.194

200 OK

14 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/7fcc0babdf76235a78accd661321a15e.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGB, non-interlaced
Size
14 kB (14322 bytes)
Hash
2159d5aa2f95d4958a64b869b8b857f0
99fc252045eb909f626d8a1e094baaf4f35d9b1f
fc927ff86cd892d2fa03a072e504b5fe5df55fc96cf531efabb3f52a97bbae41

HTTP Headers

GET /sfiles/logo_teams/7fcc0babdf76235a78accd661321a15e.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14322
last-modified: Fri, 27 Jan 2023 11:01:14 GMT
etag: "2159d5aa2f95d4958a64b869b8b857f0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.052
X-Firefox-Spdy: h2

1xlite-461430.top/web-api/api/web/v1/config/actualDomain

178.253.29.51

200 OK

269 B

URL GET HTTP/2
1xlite-461430.top/web-api/api/web/v1/config/actualDomain
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (309), with no line terminators
Size
269 B (269 bytes)
Hash
215d4ec41a2eef4892f50668a08d78b5
679c59d35660def6d7f69ef1ba474d68d92610c7
0a89b52963ad8bfdbef544205e0302670992919f2a89583905c2a264ae8e2c7b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /web-api/api/web/v1/config/actualDomain HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:38 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=55, dt_total;dur=57.364, wf-uht;dur=0.070
set-cookie: SESSION=3ad9e48588fec84fcf44e9265ad90f0a; path=/; secure; HttpOnly; SameSite=Lax
ua=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
traceparent: 00-d896de0fd3b2558bd7f700762e63e77e-6fd008ac83a3198c-01
x-dt: 285
x-time-ng: 0.057
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/img/football-field.87d1005.svg

83.147.204.194

200 OK

5.2 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/img/football-field.87d1005.svg
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
SVG Scalable Vector Graphics image
Size
5.2 kB (5152 bytes)
Hash
bb37f00a814bb33f72048a68d861bc20
3f79b76180118192aad9e3be700b4ea9e671292b
f4ccbe1f0f13ed0c90d72824a2ad2b243e4d88e5fd9b2ed6b40a1b4ce7f2bad4

HTTP Headers

GET /statistic-app/sys-static/desktop/default/img/football-field.87d1005.svg HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/statistic-app/sys-static/desktop/default/css/5a73e62.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"b63f72007e8da33ebc69dd92e5ced6ac"
x-amz-meta-mtime: 1714822493.633209647
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/heightNotifier.js

83.147.204.194

200 OK

152 B

URL GET HTTP/2
eventsstat.com/statistic-app/heightNotifier.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with no line terminators
Size
152 B (152 bytes)
Hash
4669ac5708a14a0ca2fbd12015a20921
46954675ba8c8546ae94cd2f0030ae0c4a5fac88
a80e89a45542fc2ee4c67d5f5fb99ebd2853d769b0457d3bfe635776bf824a5c

HTTP Headers

GET /statistic-app/heightNotifier.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 152
last-modified: Wed, 03 Apr 2024 11:14:49 GMT
etag: "660d3a29-98"
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/fea84bf.css

83.147.204.194

200 OK

7.2 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/fea84bf.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (7176), with no line terminators
Size
7.2 kB (7166 bytes)
Hash
d453fc3af0bc5727ddfa0751daa49ef7
540b7f4d76f6e024049f5ca5a0b11e2b3fdd2b5c
ac38a029b4ef7030a797babe6c6d7c4ddb250cff5d5b39be4150fb49223dbf4c

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/fea84bf.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"1ed55f6ad401fab4aa4387fb9dde06f5"
x-amz-meta-mtime: 1714822493.661209161
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/36ac53c.css

83.147.204.194

200 OK

23 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/36ac53c.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (22898), with no line terminators
Size
23 kB (22898 bytes)
Hash
d65ffaff166d103c1f968ac96a26ee50
42c7488c9b44cce0ade4ef790cb4d88cf283b697
c54a9bc351d115f269ecdac88e6771452723295a789b33bcaa4f63f0304292b1

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/36ac53c.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"d65ffaff166d103c1f968ac96a26ee50"
x-amz-meta-mtime: 1714822493.633209647
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b34e8244def57286a9ec62b034cd7913.json

178.253.29.51

200 OK

1.0 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b34e8244def57286a9ec62b034cd7913.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1145), with no line terminators
Size
1.0 kB (1042 bytes)
Hash
ff059b9895395c4ac2059d9fb53143af
b37782b1013dceb903a23cc64bcfe8c35479629d
cdab2d534f8b98300bbf1493f28738fc7e24a4e1cc95b9a6c98c9473ea4ebd85

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b34e8244def57286a9ec62b034cd7913.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 26 May 2023 07:46:47 GMT
etag: W/"51d1cebebcdee86697a19dde67b55137"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/ba16792.js

83.147.204.194

200 OK

864 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/ba16792.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type

Size
864 kB (863777 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /statistic-app/sys-static/desktop/default/ba16792.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"5e7c6cb86fb0295e7c86da0e42532998"
x-amz-meta-mtime: 1714822493.645209439
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css

185.244.209.62

200 OK

67 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
67 kB (67103 bytes)
Hash
86bbeccf1800ba74e6c228c6ac503cef
d4313d9e6192f09b3fb3a6271878833647ac4076
2e7e82ef0fd81f87d43846e9c6bf605560206cc4ec9689695447f786d43448b8

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"86bbeccf1800ba74e6c228c6ac503cef"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 12:56:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-aa970033f37c9108fe430311c372e2d7-a500e50784562bc1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T12:56:07+00:00, 2024-05-07T15:30:07+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json

178.253.29.51

200 OK

1.5 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1638), with no line terminators
Size
1.5 kB (1494 bytes)
Hash
1c21f311ce7d2fce86538083de17fbcc
ac92eb66bd5dc5221bb1c6106f951876b3fa083c
5298ed1b0e5f830e5fcc0e7247e439bfacf590a5a30eae05fcc49dfcae2d0d4d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/af2e2c975cf016bc339c96b6992e1e47.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 12 May 2023 15:17:16 GMT
etag: W/"b0a50f5239a6ca38097f89684eae43e4"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json

178.253.29.51

200 OK

1.0 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1143), with no line terminators
Size
1.0 kB (1046 bytes)
Hash
533208f94c3264028f9329b6fbb58515
3f0caf33232924706c8a783e08d747ed9107826b
6fa6b3635c5a9a1e019c99d1d217f74a8aba28d8ffd260db817ef1079644a7b5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/7ed46ee2457f0198b31a2f0e27129049.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 26 Jun 2023 07:10:34 GMT
etag: W/"f117f2ecd3a10db0e2d79159b68fcf2f"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/c1fb45a.css

83.147.204.194

200 OK

12 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/c1fb45a.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (11487), with no line terminators
Size
12 kB (11487 bytes)
Hash
7f1fc3010ed14e0857b2a6efd601deb4
c778f6a304d79c3573d9f51efcfe7dc404bf7cdb
3c98842a29fe28063fe66472ddffa36987d46fc9ae6a51246b55da8881d60d31

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/c1fb45a.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"7f1fc3010ed14e0857b2a6efd601deb4"
x-amz-meta-mtime: 1714822493.6532093
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/be7ceee2130563820e4038814915ddd9.webp

185.244.209.62

200 OK

652 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/be7ceee2130563820e4038814915ddd9.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
652 B (652 bytes)
Hash
d7e9baceea3d25365bb4213c7214cce9
4f8bc2526de7286c833198ba4243e021512a20b0
db9a1e1b2e4626d2e4ef8c28d7ae4820c276e7a8b43ef7c9ec866c00023953f2

HTTP Headers

GET /resized/size16/sfiles/logo_teams/be7ceee2130563820e4038814915ddd9.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 652
cache-control: max-age=94608000
content-disposition: inline; filename="be7ceee2130563820e4038814915ddd9.webp"
content-security-policy: script-src 'none'
expires: Mon, 12 Apr 2027 13:24:20 GMT
x-request-id: 5a42c565f7e47ed6261297746089a131
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ea6581bd19b07d14dd9aa9aca863eda3-d9f4d57db037c8e2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T13:24:20+00:00, 2024-04-12T18:34:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b364acb547241b1e58ee898c1bceff78.json

178.253.29.51

200 OK

3.2 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b364acb547241b1e58ee898c1bceff78.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (3563), with no line terminators
Size
3.2 kB (3248 bytes)
Hash
1e223d44905da3893367d9dcc5bb0d55
f601d99d66aeca958b9450305ac3c1076e4a01b3
cfc711c3aab6721fe1223fdd2bd16641efc030ad3b5d8d2d6842a2461d2e8fdb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b364acb547241b1e58ee898c1bceff78.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 29 May 2023 13:41:49 GMT
etag: W/"2f8e39414a8ae028df7034fce1aa084c"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/3c25aef.css

83.147.204.194

200 OK

9.0 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/3c25aef.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (9022), with no line terminators
Size
9.0 kB (9014 bytes)
Hash
0cd0202e7b0b2db1c323ff27be384222
d20b1628fed18b935fc8831ee09a1634b086eba1
d257d052693387668d58a5f7054b7234e3ee1138a5e25c3a9a7b54b268f09a9e

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/3c25aef.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"5d4675245965e3382e73f6ee7659e3a0"
x-amz-meta-mtime: 1714822493.661209161
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/3da7da1f4fc2b63428ddfbf857f6a539.png

83.147.204.194

200 OK

15 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/3da7da1f4fc2b63428ddfbf857f6a539.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
15 kB (14609 bytes)
Hash
f00b61e36c72e55a46a092810d4263ea
d81cec446f5443a5ef83ddf8fce7c66a9bf478a8
65ca9b0f82413d3e2cac6a093d66571a1ef16015567f86e0b73697dece5937e7

HTTP Headers

GET /sfiles/logo_teams/3da7da1f4fc2b63428ddfbf857f6a539.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 14609
last-modified: Tue, 31 Jan 2023 09:30:17 GMT
etag: "f00b61e36c72e55a46a092810d4263ea"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.068
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js

172.64.148.184

200 OK

481 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/1743016e-d00d67a74426f155.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
481 kB (480579 bytes)
Hash
46260bb46d51262abee818c0c3bcf1c6
fe3be222aec74704fad1fa2559788b1fa287094a
20700e65659e04d422580d9c792ba811b7b76de4ec1b3163c284af83bd5a7d6c

HTTP Headers

GET /_next/static/chunks/1743016e-d00d67a74426f155.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"75543-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 643665
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d545693-OSL
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6ad1187cb3484eda879c74f0feda4d3c.json

178.253.29.51

200 OK

963 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6ad1187cb3484eda879c74f0feda4d3c.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1060), with no line terminators
Size
963 B (963 bytes)
Hash
eafcd365a5fd6a86e1f442bc9f7186b2
5d9373ba91e8128c224478a0803b7e3de8a27a04
5927b4603cb8e987751c9d9bd6dfdf913166ab2c67326f313d08b50577076b40

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/6ad1187cb3484eda879c74f0feda4d3c.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 963
last-modified: Fri, 24 Nov 2023 09:01:49 GMT
etag: "ec2577e9fce5bd6c2feedb0274aba812"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js

185.244.209.62

200 OK

53 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
53 B (53 bytes)
Hash
c10595a768ce387c9ffc91fe3b1603fa
2d2c108cbf39742e7e56d98cda09d86f244b66c5
12989c5be25b32ca465df0ea9b73f585ce80a006b8c34973f3c1159697b24692

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 53
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "bb7e15ec1662efa164ad912bd1c65e19"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 21:01:37 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-df0319243fe37a78c39415554e364d23-7767a73a7d21b61a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T21:01:37+00:00, 2024-05-07T15:30:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json

178.253.29.51

200 OK

958 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (1061), with no line terminators
Size
958 B (958 bytes)
Hash
722bd38bd77a6e4d5c7e130ad3e0d417
a482cfb7d9371c6ad66930793f912934b9ae09b8
d668010b8b068a0be0bfe971246c7a3eb4bf2fe8fb9d6f8cc287471906066798

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/bd0cfa10966f2d8720b2c5663287c9e0.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 958
last-modified: Tue, 18 Apr 2023 10:33:32 GMT
etag: "24ec1c171afe6836881e2fba1ed559a0"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/1e1eb5e.js

83.147.204.194

200 OK

28 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/1e1eb5e.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (28158), with no line terminators
Size
28 kB (28158 bytes)
Hash
84ebf43e4f6602367454c6d38588b452
14858ef1a1d57a4e7eed100598069ce2400c9e35
e0288f078d82dc91dd596b99e3acde935944f8af5e48f5b5f493318552c5862d

HTTP Headers

GET /statistic-app/sys-static/desktop/default/1e1eb5e.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"84ebf43e4f6602367454c6d38588b452"
x-amz-meta-mtime: 1714822493.6532093
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700,900&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
12 kB (11692 bytes)
Hash
cfe8f929ca0df12f918a03cbae5eba28
544bbc067178acd3fb54eb2f79155f7c2eea1735
42d83450e41e8f068fa4afb9194a54a18715aea5923bb7a8e7381c4554abccb7

HTTP Headers

GET /css?family=Roboto:300,400,500,700,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 08 May 2024 06:59:45 GMT
date: Wed, 08 May 2024 06:59:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js

185.244.209.62

200 OK

1.0 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1036), with no line terminators
Size
1.0 kB (1025 bytes)
Hash
305de1535e3f2a45efa2f1dd096f496e
9fd79178b39d8a196f9f3640758cc5285f5914fd
9b0fc84933536e9c4ca4b8013f656f393c6073e746901340133cbc11059aec46

HTTP Headers

GET /sys-static/shared-assets/__shared_chunk_Y7BFQXXC.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:40 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"8fecd56fc5520134f3c39b17431fe0c2"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:05 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ff7f368e80f05a237b04eb30c741f2f9-ae346b78e8d6b846-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:05+00:00, 2024-05-07T15:58:34+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/21191d9.css

83.147.204.194

200 OK

13 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/21191d9.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (13241), with no line terminators
Size
13 kB (13241 bytes)
Hash
819b1a7a18decbc96ac77828b3324621
98c1da47ee5747781c466f4c06b2e5be370aba82
6bc36c14dd9488c773551306de99ada65cc5169ed1c52f635ea8a01e629249a6

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/21191d9.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"819b1a7a18decbc96ac77828b3324621"
x-amz-meta-mtime: 1714822493.637209578
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/de90f0b.js

83.147.204.194

200 OK

35 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/de90f0b.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (34667), with no line terminators
Size
35 kB (34667 bytes)
Hash
4610d59138b859b42230696b6f6d7d70
3dcd55bd0be4462377d7c984016b8ff157a4cb7e
bdbe852652d40052189f97af9353042ef6e77e939400637cc6d580f749b992d9

HTTP Headers

GET /statistic-app/sys-static/desktop/default/de90f0b.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"4610d59138b859b42230696b6f6d7d70"
x-amz-meta-mtime: 1714822493.6532093
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json

178.253.29.51

200 OK

10 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
10 kB (10158 bytes)
Hash
e5e68fdba731c76ec0a416e7799cf4f9
b8b3233ff91489cdd2ad056073cfd625bd4715a5
a7221bf33f5f39552a192e8357d466bd30b0530bddc89aad0d35de565a26b6df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/56fc6e674daa655b283b3497c88a92cb.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Tue, 11 Apr 2023 17:53:23 GMT
etag: W/"e5e68fdba731c76ec0a416e7799cf4f9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json

178.253.29.51

200 OK

36 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
JSON text data
Size
36 kB (36003 bytes)
Hash
82be680bc6bd32b65cef0e3bda368678
5f5ac335405d9c792b43b6aee8d5ab64ac42e5ba
12800d3ad8e368dc1541e334f8f6f669549da16f62b4dae2ebb9929bd88322c7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/b588fb81207704b9bc3e220b71966696.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Mon, 30 Oct 2023 14:20:28 GMT
etag: W/"82be680bc6bd32b65cef0e3bda368678"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/aa8d776.css

83.147.204.194

200 OK

16 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/aa8d776.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (16014), with no line terminators
Size
16 kB (16014 bytes)
Hash
800fce67e67a9cf76ee1aa261e204cc1
5c3bbafac06b4aa3ec8ee5668d88c140f7e5e6f3
99fa740606ebb20977a2316bd5f232f0f250d038eac186bd9c64a25165805cfe

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/aa8d776.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"800fce67e67a9cf76ee1aa261e204cc1"
x-amz-meta-mtime: 1714822493.637209578
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.032
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png

83.147.204.194

200 OK

20 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 96 x 96, 8-bit/color RGBA, non-interlaced
Size
20 kB (19917 bytes)
Hash
97b2806ac7b36e55677f0160e9874173
7ff9b27d1b07f84e5f3c76bffc3b75d67edd326a
a43e120f28ed038c7a5325de2021da2ba5262dfe89973475e99538e6badeedfa

HTTP Headers

GET /sfiles/logo-champ/05bc2c6ed5eaf747ff173891889841d1.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 19917
last-modified: Wed, 04 Jan 2023 08:03:20 GMT
etag: "97b2806ac7b36e55677f0160e9874173"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.082
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/365a2c6bd02ae78b327ca2fc0d4a1fd9.png

83.147.204.194

200 OK

15 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/365a2c6bd02ae78b327ca2fc0d4a1fd9.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
15 kB (15248 bytes)
Hash
0edac8e6fabbb9aed8b007b902aad69a
3a13f50e934ca29bb1d42e03590fda89e0096232
d4a57e2f21051c9859738ab88b2d6449c895d2c5bdb5e57fcc33b7b1a5dcea3f

HTTP Headers

GET /sfiles/logo_teams/365a2c6bd02ae78b327ca2fc0d4a1fd9.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 15248
last-modified: Tue, 31 Jan 2023 14:52:26 GMT
etag: "0edac8e6fabbb9aed8b007b902aad69a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.049
X-Firefox-Spdy: h2

widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js

172.64.148.184

200 OK

10 kB

URL GET HTTP/2
widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js
IP
172.64.148.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://widget.suphelper.top/
Certificate
IssuerGoogle Trust Services LLC
Subjectsuphelper.top
Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36
ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT

File type
JavaScript source, ASCII text, with very long lines (10533), with no line terminators
Size
10 kB (10533 bytes)
Hash
54b2d4e92e16d2ea51898124107af46a
ab4225b696e63c9040de1511fa229cf65b4d3750
e17ccea95df87c35add9994b01ef7bb6e8b5c2ebea282c461199a140a5675662

HTTP Headers

GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 08 May 2024 06:59:40 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 653506
expires: Thu, 08 May 2025 06:59:40 GMT
server: cloudflare
cf-ray: 8807917f0d5e5693-OSL
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/3f334649155a1a45297f2818d188f544.json

178.253.29.51

200 OK

3.0 kB

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/3f334649155a1a45297f2818d188f544.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (3332), with no line terminators
Size
3.0 kB (3037 bytes)
Hash
117381039df3bfd1807388998f373f23
2154641408391bfa7697737f592dd7d770e13203
b9ca8dfb84a5a54cf4831c7f6ba908924a9c35b508df5536fb99f17e88e34e68

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/3f334649155a1a45297f2818d188f544.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
is-srv: false
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:41 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Fri, 12 Jan 2024 14:22:45 GMT
etag: W/"86469d79e86420defdbc23ede66a45d9"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/67aef0f.js

83.147.204.194

200 OK

208 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/67aef0f.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type

Size
208 kB (207589 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /statistic-app/sys-static/desktop/default/67aef0f.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"28da017223529ef22e3ef5464956028e"
x-amz-meta-mtime: 1714822493.64920937
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js

185.244.209.62

200 OK

1.3 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (1315), with no line terminators
Size
1.3 kB (1297 bytes)
Hash
59eb3a17023ed081e317722b7fabcddc
5e0908391af13d117ecdd61ef7406f3eb9b0e792
df460865a4a9ae1d3c260be0dd7a8a7eef1bc4a0839fdd09fe22165e3754ba71

HTTP Headers

GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:12 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-947a755a54607cbb978c1d8f8d3d5308-9735b6f8afa077de-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:12+00:00, 2024-05-07T15:53:31+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/0ef5c118d0274994e73684d83b1b4c9f.png

83.147.204.194

200 OK

21 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/0ef5c118d0274994e73684d83b1b4c9f.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
21 kB (21079 bytes)
Hash
76f9eefc7e1f2c57360bbb12e1277df0
07efaaa94e40fe7559af497ee0fc7549970999ab
42ae6f62cea4cf382e5840d195d73b1fb30048a802f7a99067b15c269a15ebf3

HTTP Headers

GET /sfiles/logo_teams/0ef5c118d0274994e73684d83b1b4c9f.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 21079
last-modified: Sat, 21 Jan 2023 11:06:19 GMT
etag: "76f9eefc7e1f2c57360bbb12e1277df0"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.055
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css

185.244.209.62

200 OK

26 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (25893)
Size
26 kB (25894 bytes)
Hash
6aa11e1c24ebb592cd2fe02d36340453
4349fd09415cddb1d56b5db4a33fc9495f926623
00526da4cdf3c3eea551dca4993330b59e091678f328c29127d0d55868525857

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/00526da4cdf3.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:40 GMT
etag: W/"6aa11e1c24ebb592cd2fe02d36340453"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 12:28:29 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9678050bb82c2092ad6ca2ed4a99e0ce-9613948763580540-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T12:28:29+00:00, 2024-05-07T15:30:07+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/img/bg/default-big.jpg

83.147.204.194

200 OK

80 kB

URL GET HTTP/2
eventsstat.com/statistic-app/img/bg/default-big.jpg
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 860x196, components 3
Size
80 kB (79792 bytes)
Hash
93132542674853d6ba87de5292458b2c
f8a2e34e02ce6fd88f264a90e216faf691fe6ebe
4fd8a66674c80eedeb341eb0e3ec7ff21bb8dc84b43b8cfbb7609b19474c2ade

HTTP Headers

GET /statistic-app/img/bg/default-big.jpg HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/jpeg
content-length: 79792
last-modified: Wed, 03 Apr 2024 11:14:49 GMT
etag: "660d3a29-137b0"
x-time-ng: 0.000
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.015
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/bcb13673f1daa1aed2a2a13ed9af69dc.png

83.147.204.194

200 OK

21 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/bcb13673f1daa1aed2a2a13ed9af69dc.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
21 kB (21398 bytes)
Hash
f3f07849e7c9100fda9ebd8a55a10dc7
02747480ca4b2005261c0f9b0f527a6ef3519c8a
98aa504d794ddfe05483b7fe086aa900ad6dad1b4bb1f34b783e6b5c3d928b3e

HTTP Headers

GET /sfiles/logo_teams/bcb13673f1daa1aed2a2a13ed9af69dc.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 21398
last-modified: Fri, 27 Jan 2023 09:40:47 GMT
etag: "f3f07849e7c9100fda9ebd8a55a10dc7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.044
X-Firefox-Spdy: h2

v3.traincdn.com/resized/size16/sfiles/logo_teams/2ee19f2cd6f5ec9757f892d49264c031.webp

185.244.209.62

200 OK

762 B

URL GET HTTP/2
v3.traincdn.com/resized/size16/sfiles/logo_teams/2ee19f2cd6f5ec9757f892d49264c031.webp
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image
Size
762 B (762 bytes)
Hash
6182a771a2b230b43e13184724b7090a
c43e41fe782b69195b4a5bba1023281bca61d5c1
2b9508428c960ae5d3afc2e5f9bd92579a28dc366371d39bec38e86d3bc3836c

HTTP Headers

GET /resized/size16/sfiles/logo_teams/2ee19f2cd6f5ec9757f892d49264c031.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/webp
content-length: 762
cache-control: max-age=94608000
content-disposition: inline; filename="2ee19f2cd6f5ec9757f892d49264c031.webp"
content-security-policy: script-src 'none'
expires: Mon, 12 Apr 2027 07:57:55 GMT
x-request-id: 3ce91d242c1908324d49a5673b02260d
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-8dce60689dd5e649922df597ce08b97e-c9f1eef34c47e577-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-12T07:57:55+00:00, 2024-04-12T18:34:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js

185.244.209.62

200 OK

450 B

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
ASCII text, with very long lines (461), with no line terminators
Size
450 B (450 bytes)
Hash
94396d27c4d9bbfc299a901902e1f11d
b3d5fb445111c1b6b783db81a899a548488ebf13
33fc76fe427142c306a281e02daec062575fe489c63851cb55b487e1b058699e

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1714551564.671873539
expires: Fri, 03 May 2024 08:43:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-98b6c92f624ae2f48e6e53ead6b0feed-839800c8185d1cbe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T08:43:57+00:00, 2024-05-07T18:09:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json

178.253.29.51

200 OK

822 B

URL GET HTTP/2
1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
ASCII text, with very long lines (908), with no line terminators
Size
822 B (822 bytes)
Hash
ab86bfb2b33428037850e30dcd4e93be
f27854d5fcc6a4c8b48943bcbe31ddca9c0a5190
2d7c8eae625a93c072727401ae9daac7a398228bae0f9e058eb970e9ea774fd3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /genfiles/cms/1-285/desktop/media_asset/392fdb004d073448b345d2db7414a498.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/live/football/118587-uefa-champions-league/530091694-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280; che_g=e0e58fcc-7064-ce16-fa84-307e0f637f43; _glhf=1715169355; application_locale=en; ggru=181; sh.session.id=48f284c5-217a-4f3c-9da7-76cb91b7e1c2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:43 GMT
content-type: application/json
content-length: 822
last-modified: Mon, 08 Apr 2024 09:13:00 GMT
etag: "be781196159e458a9a157a93f6981363"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/257844d5b63e9e4e9f712a9106ded02a.png

83.147.204.194

200 OK

19 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/257844d5b63e9e4e9f712a9106ded02a.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
19 kB (18794 bytes)
Hash
302c7c755687113c628d9cce85e8431d
071c916fa41321df71e4b832bee7b79b4ae8b803
bf58c342ea6a2416154ea9c7035b14f36ca2668b24faad7451820360e5412ec4

HTTP Headers

GET /sfiles/logo_teams/257844d5b63e9e4e9f712a9106ded02a.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 18794
last-modified: Wed, 25 Jan 2023 10:19:29 GMT
etag: "302c7c755687113c628d9cce85e8431d"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.058
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/8722ed329c016bf5091e557f44723b6e.png

83.147.204.194

200 OK

10 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/8722ed329c016bf5091e557f44723b6e.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
10 kB (10473 bytes)
Hash
7391d9d72c8539c695fa9985dc500c78
e774568bb3518d62df9e81134e82dcb6f66c81ba
55e5c0e76567709bf5c5797654c9fd0d8d2981d38a725c2faa72d51fdb673aba

HTTP Headers

GET /sfiles/logo_teams/8722ed329c016bf5091e557f44723b6e.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 10473
last-modified: Sat, 28 Jan 2023 16:23:05 GMT
etag: "7391d9d72c8539c695fa9985dc500c78"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.056
X-Firefox-Spdy: h2

eventsstat.com/sfiles/logo_teams/66359.png

83.147.204.194

200 OK

11 kB

URL GET HTTP/2
eventsstat.com/sfiles/logo_teams/66359.png
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced
Size
11 kB (11089 bytes)
Hash
916b89e4aab18065e8f78236c2a6954a
0bb0ed939dd04da3ac13f39a2f23fe93b430e0c6
4677fc1f6c545c989a033ffe43e00c235720a75897ba793a0a32be1e4d1c9482

HTTP Headers

GET /sfiles/logo_teams/66359.png HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:48 GMT
content-type: image/png
content-length: 11089
last-modified: Thu, 26 Jan 2023 08:34:37 GMT
etag: "916b89e4aab18065e8f78236c2a6954a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=86400
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.069
X-Firefox-Spdy: h2

1xlite-461430.top/service-api/LineFeed/WebGetTopChampsZip?lng=en&country=137&gr=285

178.253.29.51

200 OK

1.4 kB

URL GET HTTP/2
1xlite-461430.top/service-api/LineFeed/WebGetTopChampsZip?lng=en&country=137&gr=285
IP
178.253.29.51:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerLet's Encrypt
Subject1xlite-461430.top
FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91
ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT

File type
troff or preprocessor input, Unicode text, UTF-8 text, with very long lines (1502), with no line terminators
Size
1.4 kB (1440 bytes)
Hash
5653924f61301820f1d6640ab309a8ee
0437e5cdfdb00572c8ee5993b48c2c3e86e363e7
12305b79955752b65b0c03009a39ce34ae792ad2ad4b64dc100af697a3dd7499

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /service-api/LineFeed/WebGetTopChampsZip?lng=en&country=137&gr=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; platform_type=desktop; auid=sv0dM2Y7ItczH4vwAyAEAg==; SESSION=3ad9e48588fec84fcf44e9265ad90f0a; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:39 GMT
content-type: application/json; charset=utf-8
content-length: 646
cache-control: no-cache
content-encoding: br
last-modified: Wed, 08 May 2024 06:59:39 GMT
vary: Accept-Encoding
x-time-ng: 0.143
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.151
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/d60a4ed.js

83.147.204.194

200 OK

2.3 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/d60a4ed.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
JavaScript source, ASCII text, with very long lines (2361), with no line terminators
Size
2.3 kB (2295 bytes)
Hash
640507685d5ec5716c84dec88851c768
39372094d8a299831e2af2d6d1ece43468d9c358
078ae4219db478951512e7fdaa1f54827c2abbd704169c50bc66889cd0c9e722

HTTP Headers

GET /statistic-app/sys-static/desktop/default/d60a4ed.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"410997beaacec5b471524343ab618f07"
x-amz-meta-mtime: 1714822493.681208813
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.010
X-Firefox-Spdy: h2

v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js

185.244.209.62

200 OK

5.0 kB

URL GET HTTP/2
v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js
IP
185.244.209.62:443
ASN
#199524 G-Core Labs S.A.

Requested by
https://1xlite-461430.top/en/line/football/118587-uefa-champions-league/211655412-paris-saint-germain-borussia-dortmund
Certificate
IssuerSectigo Limited
Subject*.traincdn.com
FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73
ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5112), with no line terminators
Size
5.0 kB (5003 bytes)
Hash
e86dd7d6da781211184bab4564e4319d
61a04d7ce4c95c0519539bb055b751471cd54f0d
f9a8974385f31acf10a366d8ce15db45e401a3955ee970c37fc669ab7366f0ef

HTTP Headers

GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/ea5e649383e3.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:42 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"feb5d0c05443398468224d2944536b10"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-beb612cc207770791461e269123015c9-e083d8bc8370c117-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/46ec6cc.js

83.147.204.194

200 OK

20 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/46ec6cc.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type

Size
20 kB (20411 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /statistic-app/sys-static/desktop/default/46ec6cc.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"35900e7b9e58e1561e184198753a90a3"
x-amz-meta-mtime: 1714822493.637209578
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.009
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/css/2b5c63d.css

83.147.204.194

200 OK

8.8 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/css/2b5c63d.css
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
ASCII text, with very long lines (8793), with no line terminators
Size
8.8 kB (8787 bytes)
Hash
276e043b98ae911e75f7067c3a8a2b02
552b214ae388414b83ce0ae543ef80969fba53af
5b48d5daecf73c003bf6831451d194e93b3eab63cb9fb2e01b209de81bd2e01c

HTTP Headers

GET /statistic-app/sys-static/desktop/default/css/2b5c63d.css HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:16 GMT
etag: W/"7c39f077c0c1d467ef36ca9e3d81084f"
x-amz-meta-mtime: 1714822493.637209578
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/img/bold-arrows.4b02975.svg

83.147.204.194

200 OK

1.0 kB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/img/bold-arrows.4b02975.svg
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.0 kB (1047 bytes)
Hash
7ea78448f9c69f04a07e4b006a7d59b8
d4073fa23fd504f9ee9e40a1326c3326db17c434
12e409631aabdb5b6dc74f57952f1a3cb2ab560dcf5b8553ea922a3ea8e88ff1

HTTP Headers

GET /statistic-app/sys-static/desktop/default/img/bold-arrows.4b02975.svg HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"760f1d08254fe2c97ad3626c7003907c"
x-amz-meta-mtime: 1714822493.609210065
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

eventsstat.com/statistic-app/sys-static/desktop/default/859df84.js

83.147.204.194

200 OK

1.2 MB

URL GET HTTP/2
eventsstat.com/statistic-app/sys-static/desktop/default/859df84.js
IP
83.147.204.194:443
ASN
#202492 Silverhill Group Holding Ltd

Requested by
https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Certificate
IssuerLet's Encrypt
Subjecteventsstat.com
Fingerprint87:F5:E6:31:6A:EC:29:A8:E1:12:AD:26:61:DD:0B:A2:B3:B2:D3:C9
ValidityMon, 26 Feb 2024 05:17:00 GMT - Sun, 26 May 2024 05:16:59 GMT

File type

Size
1.2 MB (1185030 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /statistic-app/sys-static/desktop/default/859df84.js HTTP/1.1
Host: eventsstat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://eventsstat.com/en/statisticpopup/game/1/661ee98b0d8c0bfbf1e47fd0/main?fh=1&ln=en&rtl=0&r=1&g=285&tz=2&geo=137&mh=280
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Wed, 08 May 2024 06:59:45 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
last-modified: Sat, 04 May 2024 11:36:17 GMT
etag: W/"8923581ad4237356836297ca002be4df"
x-amz-meta-mtime: 1714822493.64920937
content-encoding: br
expires: Thu, 09 May 2024 06:59:45 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (141)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML