| 1xlite-461430.top/polyfills.js | 178.253.29.51 | | 0 B |
URL 1xlite-461430.top/polyfills.js IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /polyfills.js HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:25 GMT
content-type: text/javascript; charset=utf-8
content-length: 0
vary: user-agent
cache-control: public, max-age=2678400, s-maxage=2678400
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css | 185.244.209.62 | | 2.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/75bcd414.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (9958), with no line terminators Hash76a1e3dd8e25bf9a48bdd896de779d20 38c3643e25808d1f3ab167273201eac8c113c088 aa36f7a0cd4e7059cfef75dda25cd20e0bd1fbbe3d10a4ed0697cb937f009273
GET /_nuxt/desktop/default/css/75bcd414.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 2277
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8e5"
content-encoding: gzip
expires: Tue, 07 May 2024 11:27:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-574c42c79e258dd59e085e011c5d786a-ba9fd5a423b9a333-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:27:59+00:00, 2024-05-07T12:10:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css | 185.244.209.62 | | 7.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/a4f501bb.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (54112), with no line terminators Hash32a89d535782c71f2aee2541afe97325 9ad12cc6ccd6b059073f779e9d91c6c6674e1289 ea1bc845a76d5e0e7738e217f8f0c47ac62ace9bddebba5059499b3451aa6ef8
GET /_nuxt/desktop/default/css/a4f501bb.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 7418
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cfa"
content-encoding: gzip
expires: Tue, 07 May 2024 10:53:28 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-19cc89f540f7a273de878e31591abc80-7ab57bdbe07e02a3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:53:28+00:00, 2024-05-07T11:19:47+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css | 185.244.209.62 | | 336 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/a7906856.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (1099), with no line terminators Hash6921418ff9395c44037498a4cf17ee66 31879049279e2cb5bc06b249d80d1735ef112b19 e6de221b29f3b4e47505c877067f28565ab5e1b419dc5003aca29c49596e73ab
GET /_nuxt/desktop/default/css/a7906856.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 336
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-150"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-979eb0d2f6b7f5e624561edab99de96e-4e8cae57f9ca3f57-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js | 185.244.209.62 | | 9.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (31683), with no line terminators Hash3f5e6415a870624bda2cd9741726af93 a5f7d27d2ca9f7e89a230ad43754f4e0390f293a 68449536372a92443232c2c9299ebc24a5f62543e6b12cd0a137b078f50d6e9b
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.Main.Asian/registration.Main/user.userRegistration-b32053db.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 9205
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-23f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7a03cb663f362c0f71e293249bc4e939-ab0f64f3f6652eb0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js | 185.244.209.62 | 200 OK | 58 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64940), with no line terminators Hash8b5b82fea92540c112a534ae258307e2 380afabff0faa228d8c4f10cc9947b310d1bab68 ab31af22488ac9b76c9790f4d3cf1096a9402e7ab4a5b8e09d373cb5b62bc651
GET /_nuxt/desktop/default/Page.Betting.Main-499ac9a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 58244
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-e384"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-43c1a822a00f8dd12bc44b0e8c5e503b-bc8dcb87c67e9b41-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js | 185.244.209.62 | 200 OK | 4.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (14590), with no line terminators Hash81deb8b2ab30cd1729e21622a32d9814 41b982e7a7e4eec22ce01ff1a3b854e51e385789 41159eb3d25b42d4e655a6a3f4e6b0777c2d8a572277d77f9104e171b8aa5589
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.Betting.Main/Page.Betting.Main.Asian/Page.Betting.TeamGames/Page.New/a4ad9f6b-09b98935.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 4207
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-106f"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:46 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-51a9e627e75f913826c1e7af1f3a9344-613608ecae0354e0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:46+00:00, 2024-05-07T10:01:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| refpa59720.top/L?tag=s_1558737m_355c_[]MS[]null[]null[]general[]18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru | 178.253.37.97 | | 1.3 kB |
URL refpa59720.top/L?tag=s_1558737m_355c_[]MS[]null[]null[]general[]18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru IP178.253.37.97:0 ASN#202492 Silverhill Group Holding Ltd
File typegzip compressed data, was "6cc025d5.css", last modified: Mon May 6 10:23:04 2024, from Unix Hash485f757d080def472ad83020f828d304 5f5fdecc3bf30a18c8eaaf08cbbf5b258162bc9d 57abe02183b0d544d018a7a2ce3dd535f4d647005defc77a716c47dabded2025
GET /L?tag=s_1558737m_355c_[]MS[]null[]null[]general[]18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru HTTP/1.1
Host: refpa59720.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 303 See Other
server: nginx
date: Tue, 07 May 2024 19:44:24 GMT
cache-control: private
location: https://1xlite-461430.top:443/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
x-aspnetmvc-version: 5.0
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.003
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js | 185.244.209.62 | 200 OK | 2.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (7613), with no line terminators Hash68b874a85269b1e64bfd1065d0254a1a 46d5559120d28058a530b18616085b6826bb03c3 7a51983ef71867325dd5d9bf7b7eadc66b567a882f50c1d09158bf4f7de8b587
GET /_nuxt/desktop/default/Page.Betting.Main/Page.Betting.Main.BettingLeftAside/Page.Betting.TeamGames/betting.GamesSliderApp/b/e7e00398-3883d633.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 2209
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-8a1"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3c3965a7cb16c59ce2e0144641ea6590-3c1e5ec8a9ddb946-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:40+00:00, 2024-05-07T10:01:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65113), with no line terminators Hash5c486444497d7afeea7cabf3a651d76a a5c40dee88530a85a4c061ad4379b13e3b8df745 9c3b64738e185dacb94ddfa13c1807be093f49e0a3b5810f92db524ea9f60020
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside-9ec0f9e5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 17011
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4273"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-411da66b0b2106c344ad3638de89c2a7-ca11c5ddad45e077-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js | 185.244.209.62 | 200 OK | 3.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (13913), with no line terminators Hash395deb0abfd0ea102c0c9aa4cf08b2f9 b53c99a2bce733f0a45a075000949d34e2fd0b17 f11d7b6985d7e97030628cf137377b14e9316f8919f80dff4cdd488366aa6652
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboard/Page.NewCy/adc1b632-4d951a46.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 3531
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-dcb"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b99288e51aad5cc337f051b82e098f6e-59b2e6ed741d8d52-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:39+00:00, 2024-05-07T10:01:01+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css | 185.244.209.62 | | 1.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/98ce2926.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (8509), with no line terminators Hashb0cd3891fe08ec67c50bbdfd9f7e9181 205511f8e55a0498e8129c290759a26ba4a4db31 75c619e9cabd7b2c1939e6837909e12c51fb3e68888ba20d650cb1939f983f6e
GET /_nuxt/desktop/default/css/98ce2926.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 1491
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5d3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-07ed2a7e18ce1873ec350d6f9c6046cc-a2dfdc0565e02dc0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css | 185.244.209.62 | | 194 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/c3d37cc4.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (395), with no line terminators Hash7f1ee7f9ec47159043591789124ec7cc bb021131214d4b70b327355a5a947b974f2eccbd 4041bafac614e354c03b647dc8d226e140460381c4816a65528e4ba428b0a0ad
GET /_nuxt/desktop/default/css/c3d37cc4.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:23:40 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-abfb76a5eb5422ca94dbd2021d39dcdf-12f12cd3264c0be5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:23:40+00:00, 2024-05-07T14:34:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js | 185.244.209.62 | 200 OK | 644 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1333), with no line terminators Hash59e405a5c84540fd5cd4a47c01954bb9 877928ec86d9742b605ab481e28e4ca40163154b a50357ec75eb7f36a26bfe20b003e614f8bfd8298d502b26c9dc36cbdc1d362a
GET /_nuxt/desktop/default/Page.Betting.Main.BettingContent-636888aa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 644
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-284"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-792c6eda2d150685aa8174cd02385e13-219f0ac88a18d21f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js | 185.244.209.62 | 200 OK | 5.9 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (21262), with no line terminators Hashfb60e20d94667a730b2505f72a36269f 9553f3349aae185bd43d95b7ea735790b5ac35d4 24b7cc1abd1d6224f08db147e7c866945d1f205b36b55ac5a5f1c47ed96d69ab
GET /_nuxt/desktop/default/vendors/Page.Betting.Main.BettingLeftAside-14b63672.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 5874
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-16f2"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d1c0baa6c573491504d33032235027a7-182e22e792c4e264-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/version.json | 185.244.209.62 | | 44 B |
URL v3.traincdn.com/version.json IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
Hash265e4e9c948f929631d7e9bcf0d19d5b c70f40cde4e09003b980fdae5130f3695de16add 62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba
GET /version.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
etag: "6638afcf-2c"
content-encoding: gzip
expires: Mon, 06 May 2024 10:50:26 GMT
cache-control: max-age=60, max-age=60, s-maxage=60
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4345ef39d8df8eaae2739a43f7577753-5f3cc29e6c065518-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:49:26+00:00, 2024-05-07T19:44:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css | 185.244.209.62 | | 2.8 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/9eb4939a.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (20960), with no line terminators Hash6cae6098e169876c305ca92f82fe3cde d27c18f05738795d575c8ce370ed83cf07da0a5a 7095d096e88dd0a09d84d063de1e0eedd406b032150a5af99e796c2ac63bcfe5
GET /_nuxt/desktop/default/css/9eb4939a.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 2763
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-acb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:27:19 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e2e3e02a638ddf318671c30069aeaf19-07cd5cc6528a6da8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:27:19+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (41615), with no line terminators Hash21a80fe42c418607606b5ee8ebc9ebe2 b93c8e0a2f18dd371501e1a8739e9445b2c1d9d1 880f72443c469f2d2e9421789eaeb1f2042a8c4ccfc8ce9057a685d588a97ff3
GET /_nuxt/desktop/default/Page.Betting.Main.BettingLeftAside/betting.SportMenuApp-87a02531.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 10290
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2832"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e238b1653b32d884063ff46bca239366-23b32dbbf89f65bd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css | 185.244.209.62 | 200 OK | 332 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/885d64fc.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (975), with no line terminators Hash31aa50dcbc858f61bf3ed903493b8431 abf67e7f02256d2d5c5e2054b2930aa9b5ece999 18337e3b3c6f57695afaca43e471c075fd711e0485b4e7f1fdc1b6fe4e8703d7
GET /_nuxt/desktop/default/css/885d64fc.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 332
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-14c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:17:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0b88d44f7a9241d52d47ca22a41d9178-7322efb60b80a95e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:17:32+00:00, 2024-05-06T20:06:17+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js | 185.244.209.62 | | 3.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (10178), with no line terminators Hashbe042bab68dd466121fb1460a17b1795 3dfa3c583644e2aa71ff199a262a54e17cd378d6 2a7bf413f8f8d67f545da852425cdec3b3960fa2c62960ca49c5a2dc43108ac0
GET /_nuxt/desktop/default/Layout.Betting.ExpressDay-c5a846fb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 3365
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-d25"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-fb144c20a479a431031933b2622db26b-bdb04c327c6c9200-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css | 185.244.209.62 | | 3.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/ca542d7f.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (31339), with no line terminators Hash9e9b190c1ab8126c2576203d5d43ec63 a80ccb6739023605edbd86be13f38a58ff7f4906 c4a28e2bbc67a853613460727d4abba3687be55593a7513a4079ea34579fbb02
GET /_nuxt/desktop/default/css/ca542d7f.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 3226
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-c9a"
content-encoding: gzip
expires: Wed, 08 May 2024 09:58:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-341f97a3fbfcd4bd74eeaf503228c99d-268017d6f222d19b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:58:01+00:00, 2024-05-07T10:40:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js | 185.244.209.62 | | 2.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (8663), with no line terminators Hasha5db05d47f7f37c06acc29a0f4eeb447 b9ddddb586721548eaa4a62d7ae420bfcfc5bddb 4053d0ffbd3af6bc022131a3f123bd4e88825f1b5f06a74dd2072a2b0fe3f243
GET /_nuxt/desktop/default/Layout.SeoModule.Lazy-db205bbd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 2475
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9ab"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-126ad5b0189a658b5c6ee6d0190f4ed1-7d28c45a6709f081-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css | 185.244.209.62 | 200 OK | 4.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/85148a0b.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (32277), with no line terminators Hasheeaf257a8645b90669a2ea93b8fb534e d81289258b7a5c126dd860232760852cc8ad865e 3a170c88ab694ad7552f7a84baa04ddb248c32b7f8ffe16d55dd73685de87aa6
GET /_nuxt/desktop/default/css/85148a0b.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 3964
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-f7c"
content-encoding: gzip
expires: Tue, 07 May 2024 12:54:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-8e372a5e65d0b854f5b485eb7cbe1337-c6e3a616c6d16093-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:54:58+00:00, 2024-05-07T13:56:30+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (40656), with no line terminators Hash3645d2d457e7c89dbddbc70d1bb71d2e d91ac83ee98ca90c4a45448683041facd9b325cd a615e922b7060fe133277857d8a581923a62ce0da64aff95340bd9b884856a5a
GET /_nuxt/desktop/default/vendors/Page.Betting.Main/Page.Betting.TeamGames-ffc54199.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 9977
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-26f9"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-aba97578c295730f945177e5d49eb553-73777a57e4ba5bee-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js | 185.244.209.62 | | 7.8 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (28142), with no line terminators Hash9167c6082d419d35f57a606871184d06 d4c4fac03b353c5881c352d6ac0c05947dc2e633 bed35ed9386f6d0d6f3096d00c7d14e042c5cb404f07ef0bb9abb4cc381e89c3
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy-0434410a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 7775
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e5f"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2e985d068d7e071ee04f8ca253187baa-79408dabdc906ed2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js | 185.244.209.62 | | 8.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (29805), with no line terminators Hash93a3cdd4ea0ae5eb295e71988355c5d4 0c9e334aebd99fb9c44575c99abda82d0b53acb1 104a5a19f0a8b4d443e55c32daf49eea2343ee96da27b48c21f09e1425081d62
GET /_nuxt/desktop/default/vendors/Layout.FooterComponent.Lazy-8e891b7b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 8283
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-205b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1636cd4bfa9c8ada9cf57c515d8ab0a2-626ac2d590d4d2a9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/5cfdf959.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (4632), with no line terminators Hashf74d8b7e31b6ab236a9577348874385d 87091e6542649037a05fc137fa449b713c85225d b33d72295f1edbfc13da30236c4b811cffe4ba8ef758a515914cd69cf02edbf8
GET /_nuxt/desktop/default/css/5cfdf959.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 1113
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-459"
content-encoding: gzip
expires: Wed, 08 May 2024 06:45:39 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9881cb39f801543b1c3e479bf7cbce3f-7e25ec774309d293-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T06:45:39+00:00, 2024-05-07T09:06:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js | 185.244.209.62 | | 6.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (20014), with no line terminators Hashadc7f8e289bd475a5a922c91b93591b2 540252cd02880714746d3656e61c67e7acab7fda 3b542ce26d333f558f94adb8cac49e58be95a5470eb3079d1dc0b2b7a7c97b6b
GET /_nuxt/desktop/default/Layout.FooterComponent.Lazy/Page.Game.Project-807a62cf.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 6258
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1872"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-244f04e17e7ab1fb62db34a5fb72eb06-85c8a084db4a7dfe-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:00+00:00, 2024-05-07T14:49:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js | 185.244.209.62 | | 225 kB |
URL v3.traincdn.com/_nuxt/desktop/default/app-1483c42a.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64966), with no line terminators Size225 kB (224914 bytes) Hashc4d75347728629ec3f0b90dc82f0a3d2 ff949fe02da04d39be746f8d091a1a7b30126f7a 8ca2bd3ad104c33fb6189e87cab8992734ca6bf99a631ed413f63444b834d33b
GET /_nuxt/desktop/default/app-1483c42a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 224914
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-36e92"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ac939cbe1f40e94b5c1e0e354be2f156-34cc9e4d13a97987-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru | 178.253.29.51 | | 234 kB |
URL 1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
File typeHTML document, Unicode text, UTF-8 text, with very long lines (14084) Size234 kB (233947 bytes) Hash0f250a743d307d8611b4ff4b812da22f 9ad4b51a8cd86c6bb0893cc3289985dc0ccbcbd4 3ad46df0177864ddaf2209e4c38ca77b80ea92719e87b5f376f90b24e62c70a0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:25 GMT
content-type: text/html; charset=utf-8
content-encoding: br
server-timing: total;dur=1195;desc="Nuxt Server Time", dt_total;dur=1220.814, wf-uht;dur=1.271
set-cookie: lng=en; Path=/
cookies_agree_type=3; Path=/
tzo=2; Path=/
is12h=0; Path=/
referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; Path=/; Expires=Sat, 06 Jul 2024 19:44:24 GMT
reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; Path=/; Expires=Tue, 07 May 2024 20:44:24 GMT
postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; Path=/; Expires=Thu, 06 Jun 2024 19:44:24 GMT
platform_type=desktop; Path=/; Expires=Fri, 10 May 2024 19:44:25 GMT; Secure; SameSite=None; Partitioned
auid=sv0dM2Y6hJlz+Iv4AxOUAg==; path=/; secure; httponly; samesite=lax
traceparent: 00-c61a050366694a58116d9b6cf5dbea0c-71bb5f56da01a527-01
vary: Accept-Encoding
x-dt: 285
x-frame-options: SAMEORIGIN
x-time-ng: 1.206
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js | 185.244.209.62 | | 15 kB |
URL v3.traincdn.com/_nuxt/desktop/default/runtime-baf5b66c.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (47215), with no line terminators Hashef9def5f3c8a190bfffb14ce24c6eb58 c5fa568c8f9bee2aa988c80a7246e07edd8d84ba d5d3ad6908352036bda426fe1fdc6f1dc03ac13a7029bbf25fa50580abd9064f
GET /_nuxt/desktop/default/runtime-baf5b66c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 14752
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-39a0"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:45 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-44ef69227cd55f83d7673a752b39cc4a-87eb72afb829a1a0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:45+00:00, 2024-05-07T10:57:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css | 185.244.209.62 | | 14 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/035c0001.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (65536), with no line terminators Hashac3b78bdd1c881f78913b967fd22a91f 15295665baa2ccaf71e8a093f333d087621a17ee ee4c84a2fe257a888fcec5809b67b563aba3a4c52f102154ffa19a685434d835
GET /_nuxt/desktop/default/css/035c0001.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
content-length: 13859
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3623"
content-encoding: gzip
expires: Wed, 08 May 2024 09:01:03 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a25dc4f5fa1d2d6cc09e36078c234f29-621f1d8e575327f8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:01:03+00:00, 2024-05-07T09:06:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js | 185.244.209.62 | | 267 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/app-d26cc899.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (61101) Size267 kB (267237 bytes) Hash1992415420cd9d59941e07133aa0c521 308a748fa982a440a112cb9e449f25a23bd6d83e 94a8f060251c7e705ee8c823783cb067e2844edb0f3900b6b0e91948d92ce907
GET /_nuxt/desktop/default/vendors/app-d26cc899.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: application/javascript; charset=utf-8
content-length: 267237
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-413e5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:58 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4b8286f34c949decda3eb82b281dce55-12a1d723266b11be-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:58+00:00, 2024-05-07T14:49:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-609c161b39022410ba17da253acb4ae7-e6262ed9a6c07fd2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T19:11:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1b482210074e2d977eb169c3ae92c431-c99c68e6c9110f3b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T18:44:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-46eaa14f8125d09c41ef20f167181f89-6a95e54e793e9f59-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T19:36:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png | 185.244.209.62 | | 653 B |
URL v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typePNG image data, 32 x 32, 8-bit colormap, non-interlaced Hashe6f0766cbd95db33da44e7a9140648f2 5f196b1bfe8c3f92bd2ebcd67124e72e81ae6aaf c0399d478788d5d483f104a2e8cb7c32f41cb40e9df0c22e831b2bfa2db63ec0
GET /genfiles/cms/1-285/desktop/media_asset/1da51baa342984a84ca1ac8dd900998b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: image/png
content-length: 653
last-modified: Tue, 25 Apr 2023 13:43:56 GMT
etag: "e6f0766cbd95db33da44e7a9140648f2"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-7c74c907a761f68f246d09924395a34c-1a4c5364a6e563af-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:12:59+00:00, 2024-05-07T19:11:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/check-ob.js | 185.244.209.62 | | 187 B |
URL v3.traincdn.com/_nuxt/check-ob.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text Hashced67278c38d1ce1297c121af69fff8a df6e1531fd84d956263b04254e6f94f5356623f4 2958134c3c00f7c6320858dd66e454c2856e4842821d3523c4cc5e44e1ec8616
GET /_nuxt/check-ob.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 187
last-modified: Mon, 06 May 2024 10:23:37 GMT
etag: "6638afa9-bb"
content-encoding: gzip
expires: Tue, 07 May 2024 12:56:18 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3a1bb0e25f840467de0dc1f7634dee04-b786585c5d729366-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:56:18+00:00, 2024-05-07T11:36:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css | 185.244.209.62 | | 194 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/f5105820.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (395), with no line terminators Hash2818ab9c6ece35261fbf658165189623 f01f8175a7a89449a1dad5f2a7df06c5866c10af b4f0b619b6f6ece6589df376a16eae022b084640348887d3c557e20a37207583
GET /_nuxt/desktop/default/css/f5105820.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: text/css
content-length: 194
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-c2"
content-encoding: gzip
expires: Wed, 08 May 2024 09:24:14 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-dfe84dd40b88bf03b6b129fb929f8834-c7e4d853172857c5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T09:24:14+00:00, 2024-05-07T17:58:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css | 185.244.209.62 | | 7.5 kB |
URL v3.traincdn.com/genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (37558), with no line terminators Hashabdcb01bedd44be3cfb0696a4f46711b ca9e7fa6debec1ee169d5cacd6e29b3bb77cd817 4058a532477260890c576d07f0f47825f645dcf3ae9b9d004294b9b005256d53
GET /genfiles/site-admin/colors/f60de5c9eabf4e3e2f1149075d3a68d7.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:26 GMT
content-type: text/css
last-modified: Tue, 07 May 2024 12:38:10 GMT
etag: W/"f60de5c9eabf4e3e2f1149075d3a68d7"
content-encoding: gzip
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6c4fb1b7a52049fd2d562d994e6bab84-1b10ebff136dc756-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:39:42+00:00, 2024-05-07T19:40:39+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js | 185.244.209.62 | | 4.2 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (14574), with no line terminators Hash2f5a8b05ac32c583fcde180d9d46fce9 86cc94f0c76922b731336bb6c13ff2839f37d689 6f2a20b4cda56cb4d92bd6d3817945c5e659723eaf3e5c85f0a00274c909a9cd
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside/Page.Betting.Main.Asian/betting.CentralMenuApp/betting.SportsMenuCompact-cca22477.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 4187
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-105b"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-75645761f3cf9dd79a34846905aad91c-a33c18f9e9bf3eac-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/2a37879e.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (6872), with no line terminators Hash7727cc93d85a2459297f9b1237fc6a92 f37f7a3ec3d30df2513a38dd2c67fefaf038edec e4559060670fd8cf92ad4e830ae9237d2bbc735470f4597ad5d943388d9248d2
GET /_nuxt/desktop/default/css/2a37879e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: text/css
content-length: 1331
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-533"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-277f26b74b4578dd05bf4c353961b908-75257fb2c33c3666-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-07T15:18:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (37196), with no line terminators Hash149f1f916b0c47494c7bdc15122390d4 f6be7ef6c3649f4b83fd19f7459dbce46ff15925 f8ecbd7355d64beb3e23daea185a634fa436012d707160381bb3b65548a9c92b
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingLeftAside-9f71ae9a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 10214
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-27e6"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a3e1aca2883bd758b7181a779bb3dac9-2846a616f470855c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:13+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js | 185.244.209.62 | | 37 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (65461) Hashaedaa99fcce183a213f358a727e9eb87 7fe33331acbced57be412f96baff3a4595e207fb 2ccadc0a2eea97aeeb5f1825ad9bdac3873481a54bcd3b42cf6724271cd0f6ac
GET /_nuxt/desktop/default/vendors/GameProvider/Page.Betting.Asia.Homepage/Page.Betting.MultiLive/Page.CricketWorldCupPage/Page/17c2374e-b595fcd5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 37176
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-9138"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-69be41d8cb1b6330f3ffac8b4199b2dc-4d0d187c4bc6c510-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:14+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js | 185.244.209.62 | 200 OK | 10 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (36638), with no line terminators Hash63e1a6027725eca572736670eb935432 e3578492cf68e66a44f556a98545294a5b1bed5a e96e0e4abe03d7fb0d2449e0f2bf27bb0ee85cdd4d7b4098276c712842b45d8c
GET /_nuxt/desktop/default/vendors/Page.Betting.Asia.Homepage-b9493cb9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 10115
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2783"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-559e62b325d6fa9ce9bbb46b32e7b3ca-2ff5399adeb83621-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js | 185.244.209.62 | 200 OK | 5.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (19536), with no line terminators Hash860ea683ac1ca8494adc10cb2ea4fcdf a1004cb9bb3a036d215dfbf6b9bade88ad81a7a3 e8fcc72111c9040f545dd314899e61e406ceaa76601c816dc3c1a7b407f88850
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage/Page.NewCyber.Cyber/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamp/Page./8c362243-68160950.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 5565
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-15bd"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-558c3a71a62bdfc6aef17672ced2ecff-3ca925d1b15c7d59-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css | 185.244.209.62 | | 6.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/4b5c6c89.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (53058), with no line terminators Hash173f5247c95e1b42bb3b77ed0a8eb44d 5b4b32ac3c6b995e254b7e8e1ecdf00ef4882aa9 f20b6d24581afe4c6af83abbc14b11194385c8e5f15a27e972724f61891c6dd0
GET /_nuxt/desktop/default/css/4b5c6c89.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: text/css
content-length: 6667
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1a0b"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dc5991e2c1082fa5810d73ac7f8c6e75-6bd02ce48fe7fba0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-07T15:18:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js | 185.244.209.62 | | 32 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64912), with no line terminators Hash474bfa89621896100251055f7c19712b 0e19c615fc77f9ed2d69d74b7f8a42d41c6f5138 ea0fef6e0a33df0b36bdce2df6b8bf50eef0dd3b71c7c6fc567a7d7c5d39fdd3
GET /_nuxt/desktop/default/Page.Betting.Asia.Homepage-633ca92a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 32522
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-7f0a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1165900a5a288dc5a367bc249545fb82-b333af6afd90ebf4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css | 185.244.209.62 | | 4.8 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/f72f2b10.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (38649), with no line terminators Hash8ab5f1e804e2a4565dea164054ff0907 7ee2bea2c9dcb6424f707c35588a316a249270fa ce3424802faaac382a0efe23fbc285123fae95d0461ecf26e4881e1907acd9ec
GET /_nuxt/desktop/default/css/f72f2b10.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: text/css
content-length: 4780
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-12ac"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fabca6ff21db7830abf19ceccfe5e155-9432d6a625b7ca89-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:13+00:00, 2024-05-07T15:19:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js | 185.244.209.62 | | 29 kB |
URL v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (64788), with no line terminators Hash6bb873114649db4b87839383a7d31921 91b56ad064a4b8fd0d7edb89a040c6b9d06866aa 6dc41e4f75d65dd3dc2f311198e1a9b2b65e0687c2d905b7d64cf9265f7bda2d
GET /_nuxt/desktop/default/Page.Betting.Main.Asian-2f003ed9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 28917
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-70f5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:13 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-9d89e00e92f844f1cfa7c7406f8ee9e2-1ed2a581a05cab10-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:13+00:00, 2024-05-07T15:18:15+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js | 185.244.209.62 | 200 OK | 22 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65476) Hash45f90516ee8a557d78c08e1e925c1490 adc0363ed75f47f9513a36a94173c6e4940a2adc f5b8b3c4e62dbb4ebc5fd634f5bb17b3145a14c21bdc3e9c0a4dcb45b9e573fe
GET /_nuxt/desktop/default/vendors/plugins.v-tooltip-ff4800a4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 21889
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5581"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-2e766fb731e41bc258562b614e2685f2-6cb6971dcda457c2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js | 185.244.209.62 | | 4.6 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (12527), with no line terminators Hash805e7c2cd861f2191db66c39ab28e86b a6353246547e9a9fd01093fcb784d708d187e3ef 82686dab55962ead6916346bd901b3fc03357bb2a0e74dfe966ff784d75b2368
GET /_nuxt/desktop/default/vendors/plugins.vue-notification-4e9ad522.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 4556
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-11cc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-64e6920aa8c9eb078672fc595034e75c-c68de54c124b67bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css | 185.244.209.62 | | 953 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/e5c0e314.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (3352), with no line terminators Hash748da80084597d87b4ff5e98b017b07b db6ad2ec24bfcbe751a23061d935403e1163f471 4eaf4071f43aaa0243a4c6948131b7a3e03fe6ab1f4228da38e8588c15e01f24
GET /_nuxt/desktop/default/css/e5c0e314.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: text/css
content-length: 953
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3b9"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:11 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-64981a3c453a0d7c998676e126fb162b-0cb87441068f83d0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:10+00:00, 2024-05-07T15:29:39+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js | 185.244.209.62 | | 8.1 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (26717), with no line terminators Hashead4a901af60e4b8138e732f0aea9637 7c1d57d444a07553738ddcb8b6a2bee305a0c215 e6bc116e4cb54d011d2a1fa1f87ab12d1f320aa8dc54c89b1f286f2b02ee14c0
GET /_nuxt/desktop/default/vendors/plugins.vue-js-modal-11d3184a.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 8055
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1f77"
content-encoding: gzip
expires: Tue, 07 May 2024 14:31:59 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5eba212242dd5ffb0c105ec7072c754f-6803934e1c0caac6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:31:59+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js | 185.244.209.62 | | 2.1 kB |
URL v3.traincdn.com/_nuxt/desktop/default/date-fns-locale-21-290f49eb.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (6960), with no line terminators Hash91d17dbf833b48149a8b5d2f21895879 bd71a45fa4419ab4ddbc676f0a9cca2be05e1703 f085ff2e310ab82817411e3ed64d0902de49e149d0958cadb91d518ed5854335
GET /_nuxt/desktop/default/date-fns-locale-21-290f49eb.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 2120
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-848"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:15 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-74ceab9c5f8b18bb53e166f0899afd14-385cd1b2cebda43e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:15+00:00, 2024-05-07T17:01:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js | 185.244.209.62 | | 999 B |
URL v3.traincdn.com/_nuxt/desktop/default/DC-7e6a4aad.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (2336), with no line terminators Hashb44bc16cd2630bfada5ec9cbdbfcafab 43918946155d48f6cc8ecba42e2cf2cab28debd7 189ec6fd8e44cc47498706a2d2c815da1dc255040ef5ef57f5faa7c10c05ae42
GET /_nuxt/desktop/default/DC-7e6a4aad.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/javascript; charset=utf-8
content-length: 999
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-3e7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-064eb7e0e1729d22d9132bc1a0b1fcbe-b238101805e7c151-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:01+00:00, 2024-05-07T14:53:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 | 178.253.29.51 | 200 OK | 141 B |
URL GET HTTP/21xlite-461430.top/seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashbd9be2fa89d26e9e6f1b2e08ffcd0ed6 90eae25ee792254c7ca97e98c5782078f9bdc37f c11510c5556799ec6bf918684e80903d08cf6237d3c4f94d32a8ebf35d067a1d
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /seo-module-api/api/public/v1/analytics-counters?url=https:%2F%2F1xlite-461430.top&projectId=285 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/json
content-length: 141
cache-control: max-age=1200, must-revalidate, public, s-maxage=1800, stale-if-error=86400, stale-while-revalidate=300
x-content-digest: enebf83560af95b198ca2d2caf127b1151
age: 1143
x-request-id: 79bfbd70a254d2ddd91bc0b1cff1afeb
x-request-guid: 79bfbd70a254d2ddd91bc0b1cff1afeb
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=5.5201053619385, wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js | 185.244.209.62 | 200 OK | 1.6 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Betting.Core-d4a24bae.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (2425), with no line terminators Hash3a0e4a54185bcc66d2e032dd30a385eb 627755ca54def0761f25f827d5b4cb483e1ca83d e0bc5ffed1e6fd6285fea94e991fa8ec48a5f17677519c766d7ee7e757a02239
GET /_nuxt/desktop/default/Betting.Core-d4a24bae.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 1577
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-629"
content-encoding: gzip
expires: Tue, 07 May 2024 10:54:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-031c67a03b271536bf4a43d3f7397d4d-9d4c1b1655403ab8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:54:52+00:00, 2024-05-07T11:19:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/version.json?timestamp=1715111068986 | 178.253.29.51 | | 44 B |
URL 1xlite-461430.top/version.json?timestamp=1715111068986 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash265e4e9c948f929631d7e9bcf0d19d5b c70f40cde4e09003b980fdae5130f3695de16add 62ec6fa5c15470b882bd7e05f5651b0a265a0cb2857cffa5cbfa34b3d2cf42ba
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /version.json?timestamp=1715111068986 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1920
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/json
content-length: 44
last-modified: Mon, 06 May 2024 10:24:15 GMT
vary: Accept-Encoding
etag: "6638afcf-2c"
content-encoding: gzip
expires: Tue, 07 May 2024 19:45:29 GMT
access-control-allow-origin: *
cache-control: max-age=60, max-age=60, s-maxage=60
accept-ranges: bytes
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (3229), with no line terminators Hash0cc9277dab4117c9b162cc01e1f0b97f 5b7d9007e2d99d3715c5f226aadf44aa4da4332b 6d7637a83c7812813039573e9c67efbb30e4021a971c546621a397eb72ea4bd0
GET /_nuxt/desktop/default/consultant.supHelperV2-ef321a16.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 1451
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ab"
content-encoding: gzip
expires: Wed, 08 May 2024 08:42:00 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-45d12495eae0582f8611f93baeb18f27-9c9b3e039cda5b91-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:42:00+00:00, 2024-05-07T09:23:42+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json | 178.253.29.51 | | 1.8 kB |
URL 1xlite-461430.top/genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hasheec4805fe0f6e17d5ade92a382f5b068 ca6a26fe8ea31e66c0bef88c4e7f489dce9f9a4b b50904054641c30b6b4ee7ed4290b52022825f2e9e9e3a4a060b8ecddf28c898
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/1-285/desktop/media_asset/6a3b01d318b759a5d8cbcd76fd908037.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:28 GMT
content-type: application/json
vary: Accept-Encoding
last-modified: Wed, 28 Feb 2024 21:42:45 GMT
etag: W/"eec4805fe0f6e17d5ade92a382f5b068"
content-encoding: br
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js | 185.244.209.62 | | 7.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (32231), with no line terminators Hash56a0eecb3ec4576e9abf6f8f3e2707f9 6ddfcb4b1669c1323d87906b720fe8e4c258c143 81a5331c3ce30f9e8f21bf5e69591e24dd0c77d9b69157bf0a5e2242fc299ed4
GET /_nuxt/desktop/default/vendors/Page.Cyber.Game/Page.NewCyber.CyberApp/Page.NewCyber.CyberChamps/Page.NewCyber.CyberDashboar/ff3e75d4-74b93b4d.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 7381
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-1cd5"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:53 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-cfc8bda4bcebd134d1d2f7274c9e299b-079c82bff40c7768-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:53+00:00, 2024-05-07T10:11:00+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js | 185.244.209.62 | 200 OK | 7.7 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (31337), with no line terminators Hashf9da465f4f7355523306ce6bbf89c0d5 c39974e7867bcdd6bbe385ba52c9be335afdfe6b a5ff3777031e8ee4babfe1d6a7a6fff1fb2fc0db58de71ea8202bc37a7aab0f2
GET /_nuxt/desktop/default/vendors/betting.SportMenuApp-bfe18bfa.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 7722
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1e2a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-698b94129261547a4573cbaecfeaf15c-32a17cb07d0ad112-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:29+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css | 185.244.209.62 | 200 OK | 3.0 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/ad481252.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (22886), with no line terminators Hashf1e1bb557e1155bf9c70751dec445176 013c5224a1bbbf0d6603f25e31863aa90f279b40 7aa1af5184d161c5f279c0da3199cef2dfc0aac5e90cce3e880f1f89401a0a15
GET /_nuxt/desktop/default/css/ad481252.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: text/css
content-length: 3006
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-bbe"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3c7c2b8f5987c294c572a5d9c7a51edd-40ff542ef3c8a369-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-07T17:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js | 185.244.209.62 | | 25 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65483), with no line terminators Hash756179b1f968d35107908086a552c869 5c1f6c8a0c1eed4246c04dac52c4b7056fc991e8 37093cd5b15bf40421db8a64625a01317d043479685d2e1f84accb8fbf992ea6
GET /_nuxt/desktop/default/betting.SportMenuApp-1f0079e1.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 24938
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-616a"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-98e39eb357b69ed92ed7c99361b016db-1dcb8ae253c44901-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js | 185.244.209.62 | | 7.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (27479), with no line terminators Hash18963957c8f45d24c0819a973d362e7b 5a1846a89c5cc9e8028044ff5948bd94f428c412 d1c98b4199c034c2a115ba70268a3e536640ca8b992887df0b085d476ab1275f
GET /_nuxt/desktop/default/vendors/betting.HomeSliderComponent-f347b217.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 7388
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cdc"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1bf2ff2c75e1f72b5c911aa456e706bd-156db3d15961c671-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T17:01:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/85022173.css | 185.244.209.62 | | 1.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/85022173.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (9757), with no line terminators Hashd9ff2bf37891da2be05d7fd5442113f5 419f63a7b47f983139a1cdc040707ab4b90bc255 05d90d1e2368c45cf52f0796d76035b98b8ab02ff57d218005ddffbfc20963c5
GET /_nuxt/desktop/default/css/85022173.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: text/css
content-length: 1731
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-6c3"
content-encoding: gzip
expires: Tue, 07 May 2024 12:55:22 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-c3fb5da2fac7285ac37ce1753e41a352-896a9ddd21a09045-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:55:22+00:00, 2024-05-07T17:01:18+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js | 185.244.209.62 | | 7.6 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (24523), with no line terminators Hashdff08fc651e74f6ad7d80f2cb43e29e5 e1b0c10b245faa60623785bdefd27c9999483231 fb6ee46c49eb61f09a2dbfe856f0b41f4206323fd9dcc2dc8921ce951b9780bf
GET /_nuxt/desktop/default/betting.HomeSliderComponent-b079a12e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 7605
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1db5"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6688b17c57548809b29f4ff18d41c134-39283bd3d8c98179-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T16:33:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/css/9f2746da.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (6439), with no line terminators Hashcdd7464b2b178b37ed8a1368b6383203 0a13fc4908d91476649bb51e33d690b460a5a89c aeacff8e3f578ea2842f067e3f42d53e72a4f668cf526c60dc659bd89f5a3c6b
GET /_nuxt/desktop/default/css/9f2746da.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: text/css
content-length: 1305
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-519"
content-encoding: gzip
expires: Tue, 07 May 2024 12:29:01 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-741a766b13041f1b687c39d84ebd4d49-016548ab67fba613-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:29:01+00:00, 2024-05-07T17:01:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js | 185.244.209.62 | | 19 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65283), with no line terminators Hash4fb1e7d0f5418f3df96622b000ebe6fb eef890c8cf6d2c72eae34e39ba2e8e6ff79c8754 fd9fede696dd12b00cc9af15ca68f1209b5fd351f5bc32052221adbbb12d8e8b
GET /_nuxt/desktop/default/betting.CentralMenuApp-a5b5de2e.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 18960
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a10"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-531cac6fc61d2f27a4979c859189280c-cf1e79dee8487193-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:34+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css | 185.244.209.62 | 200 OK | 459 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/526e44d9.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (1526), with no line terminators Hash97fdf5b6e7dfddf6ab251e984133b2c3 bb552fe685c52c34e0ed91e4dfaa9df2675ad086 92fcdb73c544b1f2befe78685340fd3371e920187a2232f8e4bffd73985d40e3
GET /_nuxt/desktop/default/css/526e44d9.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: text/css
content-length: 459
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1cb"
content-encoding: gzip
expires: Tue, 07 May 2024 11:05:30 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-87d812ffe80424342ec87676b20fcd27-d0ac698990c562bc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:05:30+00:00, 2024-05-07T15:46:31+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js | 185.244.209.62 | | 17 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/betting.media-233f5bf5.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (41022), with NEL line terminators Hash45302df89a240c65824afccc0240c030 84573118a402aa9a4ee0321ccf3f914c438a8369 25b695450684f580508f24855ea2d181ecd499e26573010621dd4a2ddc5af16a
GET /_nuxt/desktop/default/vendors/betting.media-233f5bf5.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 16831
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41bf"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5d1709bd3f33acff1e4e289f20438d3b-6f3df9a9a9b5e8d6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:14:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css | 185.244.209.62 | 200 OK | 1.5 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/ff267c5c.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (7000), with no line terminators Hashf379bc6f4b94f34d96f6fe51159bee63 f4c0d4dbef1e1e734e84e05d75e4ff950d06eb60 b2a5bd6495250a19500dd5a6ca62f045c8b70226a668dc63ef40c78883bdae11
GET /_nuxt/desktop/default/css/ff267c5c.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: text/css
content-length: 1486
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5ce"
content-encoding: gzip
expires: Tue, 07 May 2024 14:34:32 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5390676824dcb62abced9c16f6455e67-fbfa1cc394858b13-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:34:32+00:00, 2024-05-07T17:11:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js | 185.244.209.62 | | 4.7 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.media-64ed71be.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (16761), with no line terminators Hashfda91a0dd5e8251a0c4c540d7e54ed52 3c4a6e38286708cd62ff071ccf97e73f37200728 b3c3c2ee09cf4af0164878165cd9971fbfe83a461c18ad0ef7cfc33b36b782ef
GET /_nuxt/desktop/default/betting.media-64ed71be.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:29 GMT
content-type: application/javascript; charset=utf-8
content-length: 4726
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-1276"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-bf2587063fe4a3dda981391d29be2942-f046a82b5f17f5ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:14:52+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 | 178.253.29.51 | | 176 B |
URL 1xlite-461430.top/service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashac86deb03def477abf768a8455c8aa90 87bbc45a47946c01a6f494da652c5b1940e4a62c 6a19047f1e73a26daaac3ec171356c005d39984c931de6c0c0b4184ade05c55b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/gamespreview/getbanner?whence=55&ref=1&gr=285&lng=en&fCountry=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json; charset=utf-8
content-length: 176
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/session-api/sessions/user | 178.253.29.51 | | 16 B |
URL 1xlite-461430.top/session-api/sessions/user IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash646b2e82b65602d35f7aa6283c387e3a b163a70c5df8e4b0861a23a04f8a6f78393747f4 b68bf12405ee2cb5b76764df21dbc2df0953ddff4072ddc5281d1aab05e8c4ab
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /session-api/sessions/user HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
content-length: 16
cache-control: no-cache, private
x-time-ng: 0.003
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: p;dur=1.3480186462402, wf-uht;dur=0.010
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en | 178.253.29.51 | 200 OK | 2 B |
URL GET HTTP/21xlite-461430.top/bff-api/event-logo/v2/suitable.json?lang=en IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd751713988987e9331980363e24189ce 97d170e1550eee4afc0af065b78cda302a97674c 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/event-logo/v2/suitable.json?lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
content-length: 2
cache-control: no-cache, private
server-timing: bff;dur=16.46, dt_total;dur=17.696, wf-uht;dur=0.025
traceparent: 00-3b016605b80ddffbaa0d07c33ef78fd4-c5e9b2d19b06ae64-01
x-dt: 285
x-time-ng: 0.017
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css | 185.244.209.62 | 200 OK | 97 B |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/88cfac66.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with no line terminators Hash9deb70dd3fbdc7061ed21c5632fbc55b 22ae1cadf75b3fdd5e3e3762842b1b7a6f6e7ed8 be8196057ac43ab3882caf30239c364e1ef4ceda087e92ca87187ce239f022f9
GET /_nuxt/desktop/default/css/88cfac66.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: text/css
content-length: 97
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-61"
content-encoding: gzip
expires: Tue, 07 May 2024 16:27:42 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5e2065d6c716fc4b4a3d56440ae3e6be-306087af3cd24ab4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T16:27:42+00:00, 2024-05-07T13:45:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js | 185.244.209.62 | | 8.5 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (25972) Hashe30c678eadf7bd0fcc773e1599b97ddf 41243dc14d9eb2569fa832a3b8c27fc0158991aa a4334d54b8db6d6eceb88c48ee428dfbb0ad3749d4137439f77859e205b52806
GET /_nuxt/desktop/default/vendors/Auth.Forms/RegistrationWidgetApp/components/userControl.auth_form_extended/registration.Main/da7322db-022bbfcd.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 8520
last-modified: Mon, 06 May 2024 10:23:04 GMT
etag: "6638af88-2148"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3afc147498ecbb661630c730cc59664b-17419388e90bcce2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:30:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/common.svg | 185.244.209.62 | 200 OK | 61 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/common.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hashd06bf41053bfceeacce5ce81c2d5e127 a931e6c25ee810ebbde2676897136da483ca0270 d8b84efb966fa7312506c341fac49ec94ec024bf03597ee9ec795e84d54d7d7b
GET /sys-icons/1.0.328/285/common.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"7bf3e9e7d79beac942f5e7748a3af2e6"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:01 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b5c895192a2f6b1a0992f5730261a054-16d803738bcbaa91-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:01+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js | 185.244.209.62 | 200 OK | 21 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (65536), with no line terminators Hash05e740893c07a5cc45b5f0f2d787dbf5 28c364157e02ce207609bca53064a4b513e8bda7 a2af38a1cec7178448ce8d1aee99190b643f50894d3d05cac2e5234caeac8e5e
GET /_nuxt/desktop/default/vendors/RegistrationWidgetApp-4b1f6e54.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 20768
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-5120"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5bafbb561cda95a7f26f71a13f1564d9-7ab1b6a2bfb7d7a7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T16:46:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js | 185.244.209.62 | | 579 B |
URL v3.traincdn.com/_nuxt/desktop/default/betting.coupon2-183c618c.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (1003), with no line terminators Hash54f54116f151f6469527d5f5c584887c 8078098cda5d50eeb285da4fc78655562f8324ed 8112adb0bbfa619109d5a6c3263e5e1761599c14b3c474b58b2f5ca512b46efb
GET /_nuxt/desktop/default/betting.coupon2-183c618c.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 579
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-243"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:16 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-36ec36dba1d413fc5ce5b3126ef63f83-32f15ad3e38a6cd6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:16+00:00, 2024-05-07T15:18:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | 200 OK | 412 B |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash8b7a260655ef056099ed8505b06114f0 66f33894ccc9fc85a0283a0789982c604ef71fc6 9f8e28d259082c262918693510ab649dd54c73f35c781294632e359e4ef74e80
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json; charset=utf-8
content-length: 412
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:30 GMT
vary: Accept-Encoding
x-time-ng: 0.005
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | 200 OK | 2.4 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash6915a8323e17c686bf76f00bbd894032 47971e371da7e1281f0e18257d6418867d713108 e1d8811b5910cec7c8f9f53da2105c21c1614c0bf90d7255fa17949fc04aef42
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json; charset=utf-8
content-length: 2419
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:30 GMT
vary: Accept-Encoding
x-time-ng: 0.004
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.012
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg | 178.253.29.51 | 200 OK | 263 B |
URL GET HTTP/21xlite-461430.top/genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typeSVG Scalable Vector Graphics image Hash28e2c161800b61b985a163f5c492ae51 8845ea940210b4ccb195cca855a598e6aaa58ed0 77c93c24e4eb0f8815a7526d405818c9a38ba6e4317f1fee588fffbc00cb17de
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/86f18367ce2829388dcdabccb99b1740.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: image/svg+xml
content-length: 263
last-modified: Fri, 23 Feb 2024 10:01:24 GMT
etag: "28e2c161800b61b985a163f5c492ae51"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg | 178.253.29.51 | | 296 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
File typeSVG Scalable Vector Graphics image Hashb1bf63d00887bb0354e9d89c7d790a01 2d64ab25c9afff682abd6732f62ba62a197e972b a6a4fbbd99a0a82de03f05da827ccd9d019574bf3450727530403c2b5ce92df0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/dbc1950bbcc8e27b5dbec1f42635e8d0.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: image/svg+xml
content-length: 296
last-modified: Fri, 23 Feb 2024 10:03:47 GMT
etag: "b1bf63d00887bb0354e9d89c7d790a01"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg | 178.253.29.51 | | 506 B |
URL 1xlite-461430.top/genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
File typeSVG Scalable Vector Graphics image Hash9c340eae608db0c25657b4a73d769afe 988fbf333a2e9290211cd9e6b7c98c59719012b0 b92e969acd8a1e0f9cfd1f84080ca5ccb8cb49b105299434c275a8813faf841e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /genfiles/cms/desktop/contact/6726b16cfb4e516989153ce398d4a0e4.svg HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: image/svg+xml
content-length: 506
last-modified: Fri, 23 Feb 2024 10:03:36 GMT
etag: "9c340eae608db0c25657b4a73d769afe"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/logos.svg | 185.244.209.62 | | 19 kB |
URL v3.traincdn.com/sys-icons/1.0.328/285/logos.svg IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeSVG Scalable Vector Graphics image Hash7e8bd1abf2a3b3b6349664b597c0c0f7 826590a1e0f339ebe3e8ef135a618794b3258d8e 9c23cd7f8ff3b26730f961590aba6e305f48f4975dc47be286bc74388cfbbc59
GET /sys-icons/1.0.328/285/logos.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"c45fb3adb3e47bdbd03c88fc4c4309aa"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:05 GMT
cache-control: max-age=86400
x-time-ng: 0.003
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9319da48e9388bb6069d85c499c417af-f77f4ac41031fb63-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:05+00:00, 2024-05-07T12:12:51+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/21xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash431e50b6bad4138accca8f3e1828b16c 81f13010d121a77cfe49a2b583776a231bd92fad 17c15c33557f77f8cefae199c56f3578d0fea95058bf61e3a853645e883a43ae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Content-Type: application/json
X-Lang: en
X-Uuid: fa96d4d2-3db8-410f-a336-cb8937b44ce9
Content-Length: 81
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.007
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/checker/redirect/stat/run/ | 178.253.29.51 | | 14 B |
URL 1xlite-461430.top/checker/redirect/stat/run/ IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash2de0d0acfd684235f066bd0ec0c9e3df 68d0cb64805a42d7e40f43e8e198986b43dd6b69 9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /checker/redirect/stat/run/ HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
content-length: 14
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.008
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en | 178.253.29.51 | 200 OK | 6.5 kB |
URL GET HTTP/21xlite-461430.top/bff-api/config/contacts.json?type=2&lang=en IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash5e57488ece417dfb2d0d023a6c9d0423 cc3add288721c1e6c3d3e9413fd0de50a9d38467 8da57ebaa0d0d6ecfbac547e80404973484e6cd38820bb8adfcde943511e4c28
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /bff-api/config/contacts.json?type=2&lang=en HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: bff;dur=32.54, dt_total;dur=34.964, wf-uht;dur=0.043
traceparent: 00-4f44f58c7fd349b723afa53ff13083c0-9b696c575be05ec9-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.034
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/0e3e1e8d.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (5638), with no line terminators Hashbe85f100312ee4f9396b6e89cbcb0fef 3934783d38d182ddcaccfdedbbe4fb65c266864c 06a9b859f60f7872c7beaa8286d3c1f45708dd0e1dee20f4c0d55c8719cc2983
GET /_nuxt/desktop/default/css/0e3e1e8d.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: text/css
content-length: 1193
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-4a9"
content-encoding: gzip
expires: Tue, 07 May 2024 12:28:47 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-06ffbbd394659b080f112b779ce301b7-2c5fdb6feeea4bf5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T12:28:47+00:00, 2024-05-07T15:29:48+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js | 185.244.209.62 | | 4.1 kB |
URL v3.traincdn.com/_nuxt/desktop/default/DownloadAppWidget-b6662b37.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (12039), with no line terminators Hashd5bb5783c476219b31ce5582083fd74b 326b40532b72988c1d23fb931daabead75d18482 2724a816ddb0fd1234ca8cebf9db4fd60290f282fcfcb5619ffe70be9c0160b7
GET /_nuxt/desktop/default/DownloadAppWidget-b6662b37.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/javascript; charset=utf-8
content-length: 4124
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-101c"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:35 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d35ce79f359cb268fc300e16a4e7646d-0c600d37ec8aa6b8-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:35+00:00, 2024-05-07T15:29:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/86b3049b3592a71249e7cc77927822d4.webp | 185.244.209.62 | 200 OK | 7.3 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/logo-champ/86b3049b3592a71249e7cc77927822d4.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash1c59be4ac66b547cc682fbb1c014758b d8dca246fdc4a72e34d1e934bc2721ca4c1f17b9 28ca3421890ea711e51a20f2825aabeb59e79d604182cd4f76d2b2c3b92034bf
GET /sfiles/logo-champ/86b3049b3592a71249e7cc77927822d4.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 7314
last-modified: Wed, 04 Jan 2023 08:00:16 GMT
etag: "1c59be4ac66b547cc682fbb1c014758b"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5f20c67fb62f010ea027aa43837ca112-a8f8e447e7583d29-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T14:14:25+00:00, 2024-05-07T18:09:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/sys-betting-app-front/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru | 178.253.29.51 | | 25 kB |
URL 1xlite-461430.top/sys-betting-app-front/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash42f69c0981314c0762b8462dbeea33df 635439b62b24191d731bbbb9a5fc4aaecd75bf15 c5a39e3aa4bacf8f709dfa3d0f1d7d625e8c5eb7f0bf9a082893ca8806c4130a
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /sys-betting-app-front/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
mf-render-mode: json
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
content-encoding: br
server-timing: total;dur=18;desc="Total __BETTING_APP__", dt_total;dur=22.000, wf-uht;dur=0.042
set-cookie: tzo=3; Path=/
traceparent: 00-cbde7937360c9a35d7675c7fbedd3ef9-30614c3c7167089d-01
vary: Accept-Encoding, Accept-Encoding
x-dt: 285
x-time-ng: 0.021, 0.024
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp | 185.244.209.62 | | 756 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashdac94c1474f2a432abb37b3be6c4d7f3 96d89c3f396a26d343e7898638dc646981e5d3ba e416b048a24f4feadba98a0304f25896032247db439327b21200a988bc560bca
GET /resized/size16/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 756
cache-control: max-age=94608000
content-disposition: inline; filename="2c00163238eb3b254debbc851815b59a.webp"
content-security-policy: script-src 'none'
expires: Thu, 26 Nov 2026 18:14:35 GMT
x-request-id: f5fc7ae13310b90e1777d222c1cea713
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ebe4ca944f6bb98f95bfa50a45d37e32-516377bd7249172c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-11-27T18:14:35+00:00, 2023-12-18T08:01:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/a77b9d632ad5933f8f0d32727e773a47.webp | 185.244.209.62 | 200 OK | 1.4 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/logo-champ/a77b9d632ad5933f8f0d32727e773a47.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash144c63ffbf2346e0e0105f6da18e1f72 05818a758c864fa118405a0b152e31216e047dbf 40c8cc803649193320f5d674d7f7b4dd2b17ce3eb29d49e1cba609668229b8dd
GET /sfiles/logo-champ/a77b9d632ad5933f8f0d32727e773a47.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 1406
last-modified: Tue, 03 Jan 2023 16:57:08 GMT
etag: "144c63ffbf2346e0e0105f6da18e1f72"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4fef2efe6d568a56af56c7b077def8f9-4786a67ca9e62603-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-30T16:55:04+00:00, 2024-05-07T01:49:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/6164.webp | 185.244.209.62 | | 828 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/6164.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash0926945c12580b007cb381f4adedf0af 64def48dda61b71609999bb7cfda07433d3f99ff e852afd8d9de59223b85b27b6be83e708b59d15bc8b38357804af8ee62a22fcf
GET /resized/size16/sfiles/logo_teams/6164.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 828
cache-control: max-age=94608000
content-disposition: inline; filename="6164.webp"
content-security-policy: script-src 'none'
expires: Sat, 17 Apr 2027 05:17:55 GMT
x-request-id: 186ea5ac2466ee4d56b5b2bbca4c3e43
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-78baea1d1e8320fca9c4b4549982d843-2807b179bf4fbf55-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-17T05:17:55+00:00, 2024-04-17T13:48:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/11637.webp | 185.244.209.62 | 200 OK | 760 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/11637.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash51737e46ad93618e5d1052947ca2b752 2d0114bdf4c4ad72ee24b5b74b9b8af9157570f0 cfd80ca4c14ba34af20f4e0d61940fb5ab5d2c00d67e1dbdf6e6a8d7473b8e39
GET /resized/size16/sfiles/logo_teams/11637.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 760
cache-control: max-age=94608000
content-disposition: inline; filename="11637.webp"
content-security-policy: script-src 'none'
expires: Fri, 26 Mar 2027 09:22:50 GMT
x-request-id: 2c615786b7803e155dac79577444fe1e
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-498f108a24e691db6b12538c197023a8-560826d61f0ed463-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-26T09:22:50+00:00, 2024-04-06T16:01:41+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp | 185.244.209.62 | | 4.2 kB |
URL v3.traincdn.com/sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hasheeb47ddeb14a734e9b82a4134e4d96c6 d38b5f569ad87151fc7e9f8cccfc964d5f82a7b2 c3754566035e0f00775deebc3733c782637bd40e78f55299ee9c3dfaac5af2d8
GET /sfiles/logo-champ/407e3f43a3627577256dd6545f65adcc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 4224
last-modified: Thu, 28 Sep 2023 05:23:12 GMT
etag: "eeb47ddeb14a734e9b82a4134e4d96c6"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-761241e504165e08f8c7b2f7d1426562-b603ac9a448a4a8b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T09:35:33+00:00, 2024-05-07T19:13:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/da451e57af45eee428d0e149df97b7a1.webp | 185.244.209.62 | 200 OK | 676 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/da451e57af45eee428d0e149df97b7a1.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashde6d121e8f1864ad6b5129ca678efc30 9596fb58e1360a28c6cbc662bef56f2d7207856c 9253137230245b656564e6cea07668419b7ac120928c7cc3afbf4db70f623612
GET /resized/size16/sfiles/logo_teams/da451e57af45eee428d0e149df97b7a1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 676
cache-control: max-age=94608000
content-disposition: inline; filename="da451e57af45eee428d0e149df97b7a1.webp"
content-security-policy: script-src 'none'
expires: Wed, 28 Apr 2027 07:21:34 GMT
x-request-id: c4bab3b784e2b93a7698e040072f858f
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f5925ed8332b5d49272eb761c8a41ac2-cb49cec468f528c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-28T07:21:34+00:00, 2024-05-06T03:41:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/e0e81502b16088c58a48103b0b540c90.webp | 185.244.209.62 | | 850 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/e0e81502b16088c58a48103b0b540c90.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash491a2ea16997542479fe5b5ad1f76805 ea8b368d9fe0b8edb95aeffafb0082ebfed517cf 94587de5ddacf8d72b17475b75eb371b01e5e30c708fbe1577ec24875bd77b6f
GET /resized/size16/sfiles/logo_teams/e0e81502b16088c58a48103b0b540c90.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 850
cache-control: max-age=94608000
content-disposition: inline; filename="e0e81502b16088c58a48103b0b540c90.webp"
content-security-policy: script-src 'none'
expires: Wed, 21 Apr 2027 12:39:15 GMT
x-request-id: db12a34e9af3580aa03b98ce8f83ed1c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-399a628f0910ae0e0ac180d1cb2680d8-6d02debc5643b88a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-21T12:39:15+00:00, 2024-04-22T18:56:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/82174f786532c421fae119401f579031.webp | 185.244.209.62 | | 710 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/82174f786532c421fae119401f579031.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash129aa38bacf805c418a76f7837122a93 4ef1d6267b803021147e1885379838fec3af3017 032aff74b0a3937797ed48a355db05d3696842dbbb14a1173050b5648bedbd1e
GET /resized/size16/sfiles/logo_teams/82174f786532c421fae119401f579031.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 710
cache-control: max-age=94608000
content-disposition: inline; filename="82174f786532c421fae119401f579031.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 14:32:12 GMT
x-request-id: 81aba129af3101625101848e114ed95c
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-502ac7e5a99d7845edbbac4b942c3e73-f93167f3d05ff24c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T14:32:12+00:00, 2024-05-05T22:46:59+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5a39013c2a9f4ce97ab03e3175b4429f.webp | 185.244.209.62 | | 772 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/5a39013c2a9f4ce97ab03e3175b4429f.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash55e12269d7720f21d2b3baa0bd8d145f e688e74296edc55d1a6702f8fd29314b204c3509 cdac4e580f522b48481e81ad599e795a9fcd892f95d6d24f4da12cf1aa980af7
GET /resized/size16/sfiles/logo_teams/5a39013c2a9f4ce97ab03e3175b4429f.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 772
cache-control: max-age=94608000
content-disposition: inline; filename="5a39013c2a9f4ce97ab03e3175b4429f.webp"
content-security-policy: script-src 'none'
expires: Fri, 30 Apr 2027 19:07:49 GMT
x-request-id: 9dcb6162566e3560ceef403ac78e10d2
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f52d6e4155b4bb3ba50045d53eeeb206-656f7922392691b9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-30T19:07:49+00:00, 2024-05-05T10:02:22+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit | 178.253.29.51 | | 5.4 kB |
URL 1xlite-461430.top/web-api/api/v3/bonuses/first-deposit IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash6c497f6fefa1ff03d2b3f026ca9ea1b2 67708749c2923ee8fb64f119bfe6601df89cc754 62d6341764aac9fa45a7c7c304e969a0408d60f679d5142d0faa28e178d132c2
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/api/v3/bonuses/first-deposit HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=2; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/json
cache-control: no-cache, private
content-encoding: br
server-timing: p;dur=20, dt_total;dur=60.941, wf-uht;dur=0.073
traceparent: 00-7f1ae0f0e8719147ae760fa05caf41b6-93e90911a6d3331a-01
vary: Accept-Encoding
x-dt: 285
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/b5b24e2be70af96ffe8aa8fb3b9618d4.webp | 185.244.209.62 | | 484 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/b5b24e2be70af96ffe8aa8fb3b9618d4.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash995c4e12c47987b96e517dfb11803327 e91704e8db8243412bd4fbd49f3ddf0309981adb f28622c79b1fc5f6a32953cdbb2407390e4cb8193d6853554fb5dfa5e272b9b3
GET /resized/size16/sfiles/logo_teams/b5b24e2be70af96ffe8aa8fb3b9618d4.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 484
cache-control: max-age=94608000
content-disposition: inline; filename="b5b24e2be70af96ffe8aa8fb3b9618d4.webp"
content-security-policy: script-src 'none'
expires: Sun, 25 Apr 2027 05:32:14 GMT
x-request-id: d3a731ba623348b99a98ff76a678b5fe
x-time-ng: 0.072
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-800dacaaf67b0bd3a02771db9007e1ea-d916a63d9166dec7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-25T05:32:14+00:00, 2024-04-25T10:37:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/logo-champ/8d07d3c7c32b19c59ecd938da6a6ee52.webp | 185.244.209.62 | | 1.4 kB |
URL v3.traincdn.com/sfiles/logo-champ/8d07d3c7c32b19c59ecd938da6a6ee52.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash144c63ffbf2346e0e0105f6da18e1f72 05818a758c864fa118405a0b152e31216e047dbf 40c8cc803649193320f5d674d7f7b4dd2b17ce3eb29d49e1cba609668229b8dd
GET /sfiles/logo-champ/8d07d3c7c32b19c59ecd938da6a6ee52.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 1406
last-modified: Tue, 03 Jan 2023 16:57:05 GMT
etag: "144c63ffbf2346e0e0105f6da18e1f72"
cache-control: public, max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-1d1ea02f2c985b541b85eb1fd05e45df-d09ce6b894065afd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-27T20:12:06+00:00, 2024-05-07T01:49:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2dd4714fa182d5762b30af8d3081701e.webp | 185.244.209.62 | | 728 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/2dd4714fa182d5762b30af8d3081701e.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash9362222c05f01c9140ef4470275d8b45 084ca49130f0c2a28fe11b675085fe5e9737d170 a3ff2a8954b4f9d320112b6230abc1bd2d9f0c3bb36f9667967187e75160ad76
GET /resized/size16/sfiles/logo_teams/2dd4714fa182d5762b30af8d3081701e.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 728
cache-control: max-age=94608000
content-disposition: inline; filename="2dd4714fa182d5762b30af8d3081701e.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 06:47:58 GMT
x-request-id: 8d0923b3b955bc966bd6d36824075245
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-76a3adddeb5af654e611e77cdbf296dc-6cc56039e249ad47-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T06:47:58+00:00, 2024-05-07T17:58:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/30515b33f173918cd462860bf57a2526.webp | 185.244.209.62 | | 766 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/30515b33f173918cd462860bf57a2526.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash6089af5924cdf236ce109128a935c69b d8be34a7396049abda4208eca9c47116f32ebe3f f82dc63d803667c0e61ce242e478be209a4312fa002fb65fd7d6c84572290fc9
GET /resized/size16/sfiles/logo_teams/30515b33f173918cd462860bf57a2526.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 766
cache-control: max-age=94608000
content-disposition: inline; filename="30515b33f173918cd462860bf57a2526.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 06:47:57 GMT
x-request-id: f18454b5ce3f8797c45dc1b1302869da
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-f088c20f8fb62fe2c47c7de027eda99e-1502a3e8bf044e6b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T06:47:57+00:00, 2024-05-07T17:58:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2028.webp | 185.244.209.62 | 200 OK | 734 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/2028.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashd5a7fb763f4f06fca843d067a789ff17 2be5a35985524005f3ffec0b40d27d3fa3364427 4cf91bd0946eff96455a5517e3e4a3cfa00b542cc64208c5d47e65959df44e8e
GET /resized/size16/sfiles/logo_teams/2028.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 734
cache-control: max-age=94608000
content-disposition: inline; filename="2028.webp"
content-security-policy: script-src 'none'
expires: Sun, 14 Mar 2027 12:02:10 GMT
x-request-id: 3f6a76580f370252cf98ab5f85a9cb7e
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e1014fb6898b31da240e2406039736a4-081dead0e91f5d3d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-14T12:02:10+00:00, 2024-04-04T09:29:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2052.webp | 185.244.209.62 | | 812 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/2052.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash9c461eacbe262e114ed3f156c927000e 3edcc2404226ccb09006eadc1f99345b2bfb9478 d545357c74924e4d5053d713c0519ff628cc96f4c1ae4df2765868a6d94a70d1
GET /resized/size16/sfiles/logo_teams/2052.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 812
cache-control: max-age=94608000
content-disposition: inline; filename="2052.webp"
content-security-policy: script-src 'none'
expires: Sun, 17 Jan 2027 22:56:47 GMT
x-request-id: d80ed18a3bb851188480b9105144d6e5
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dad0b467ccb08e5679251da3aa6481be-b56cf8f2cc585a4c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-01-18T22:56:47+00:00, 2024-04-04T09:29:09+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/102723.webp | 185.244.209.62 | | 750 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/102723.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash3c1e9c7c4cf7ad77297c08e821af69c9 43ae1307a017f27941899eb740566ab5339e9831 cbb3abac60ab6080d88d94b2670e3ae31b0d394bc3d72a22bca05beb91abe860
GET /resized/size16/sfiles/logo_teams/102723.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 750
cache-control: max-age=94608000
content-disposition: inline; filename="102723.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 06:36:34 GMT
x-request-id: a7103d73e126204195bf70e59d7f43d0
x-time-ng: 0.051
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-145aeba85abce5bc6b5258e6bef81337-d3a0d2c94c0a2cc2-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T06:36:34+00:00, 2024-05-07T13:10:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/166409.webp | 185.244.209.62 | | 738 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/166409.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashf6e38f73dde7f126e1ce59a32b67b5bd f523447da20e609e418df29ef1e2234887de2154 858bb8a9a8a41d838c2e85cd5ee09747a648c97be2f2a45f55f0ec6bb396822a
GET /resized/size16/sfiles/logo_teams/166409.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 738
cache-control: max-age=94608000
content-disposition: inline; filename="166409.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 06:36:34 GMT
x-request-id: c53a646e042bcc3909ce6d50a7c8b9f4
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-4eb4c6fad6e155d22fa98418e4e5efff-42a3a22dd9330ffc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T06:36:34+00:00, 2024-05-07T13:10:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/4678bacd15bdbab2e6c2606b477bf021.webp | 185.244.209.62 | | 626 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/4678bacd15bdbab2e6c2606b477bf021.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashc59f47f593004cd14918f6b68eb41be2 99aeb5453fc150a1e0dbb7c6963cc84f025f7a0e 5b457960c59c1cb883b16d6390bbee8366c230503c5294db69ab3d35286bb6d7
GET /resized/size16/sfiles/logo_teams/4678bacd15bdbab2e6c2606b477bf021.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 626
cache-control: max-age=94608000
content-disposition: inline; filename="4678bacd15bdbab2e6c2606b477bf021.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 19:16:07 GMT
x-request-id: de66b9ff0dc50b95203cbe02bdab808e
x-time-ng: 0.058
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-c40994960a0ebe415da52520440e909b-669c985d315baadd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:07+00:00, 2024-05-07T13:10:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 14 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hasha8ffc18fe1c221c2ab36bce5b8ae3a63 9eacee49c94b662f7432a31029abff1e3534fe12 da993efb4384457ef8ff1ecd97daf172167b47f6a13a60617b402f919a36b3e8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: application/json; charset=utf-8
content-length: 13842
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:31 GMT
vary: Accept-Encoding
x-time-ng: 0.013
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/2ce493acd8aed960f4260830c6e51bde.webp | 185.244.209.62 | | 750 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/2ce493acd8aed960f4260830c6e51bde.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash76e6660daed5bca47b9afdc23f4b64ad 9d86d94a40518ef2e4f19fad4c10a3442e504440 fff24544cd9d1a9f72df1a3b12b969c94cd3b037eddeab7b320c1939352a33aa
GET /resized/size16/sfiles/logo_teams/2ce493acd8aed960f4260830c6e51bde.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 750
cache-control: max-age=94608000
content-disposition: inline; filename="2ce493acd8aed960f4260830c6e51bde.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 19:16:06 GMT
x-request-id: 8ec59030d558bf18d8ceaa5ffcae1b64
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-12e035bfa36c4a8c14948165503fb459-b0ca691b8f3bcd04-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T19:16:06+00:00, 2024-05-07T13:10:50+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css | 185.244.209.62 | | 705 B |
URL v3.traincdn.com/_nuxt/desktop/default/css/ff09be90.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (4705), with no line terminators Hash2b6cccff5325f6e14ccd6ec354319cd6 f4ec05fc468d3daddec1a3d825c29a55ce4b2050 a153e31a0350b58aad71597632348e14c954738845b58f05ca04b8212dbaca38
GET /_nuxt/desktop/default/css/ff09be90.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: text/css
content-length: 705
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-2c1"
content-encoding: gzip
expires: Tue, 07 May 2024 14:41:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1a6d2be6aee9e5f3acaaf418b9d188ae-56675d2d89500a19-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:41:31+00:00, 2024-05-07T06:06:35+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js | 185.244.209.62 | | 2.3 kB |
URL v3.traincdn.com/_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (7751), with no line terminators Hash3078429361b9801527b7f4deb1ff2633 c0bf69639f54697d7fcf5ee8ed06072a629b3fff 3042f5f56a8fae2d232bd88071179a50133e8d90fd11ec2f52259b23d8e0cb5a
GET /_nuxt/desktop/default/betting.SportsMenuCompact-e547fa93.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/javascript; charset=utf-8
content-length: 2295
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-8f7"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:43 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f7ef9c366e02f64e40a5ef57e2d0a65d-a009a6100d00891a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:43+00:00, 2024-05-07T16:33:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash9d0a8f49749de45d4b78accfa3541a14 815159648c9ec74e8a7cce80bd6d4d4b975988c2 4d6dddf978f14d27cbff72e1cdd881868d1d7313ff751b019923692dd3abca46
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/json; charset=utf-8
content-length: 2683
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:32 GMT
vary: Accept-Encoding
x-time-ng: 0.012
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | | 2.0 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashec67c5c97c841823a479db3a0d2352a3 fdbf43b602327f43549a8667c5cd40bef30aa562 b119bf9b9ecce321d91a6038e4fb0d4387d949558971d3b5c3e481b61e4b6f15
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/json; charset=utf-8
content-length: 2018
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:32 GMT
vary: Accept-Encoding
x-time-ng: 0.064
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.072
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-icons/1.0.328/285/sports.svg | 185.244.209.62 | 200 OK | 166 kB |
URL GET HTTP/2v3.traincdn.com/sys-icons/1.0.328/285/sports.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Size166 kB (165859 bytes) Hasheb58c9b1664d30661a5c61cc2d0150d5 e7f4d7ea5544e8b6b43b691e43c10f6a497c921c ed18f9b4202aa6f7ce2aa9df3863ff176a3f41f1e630b5566f743afea64f002b
GET /sys-icons/1.0.328/285/sports.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: image/svg+xml
last-modified: Mon, 15 Apr 2024 07:13:32 GMT
etag: W/"0c52e0c32f8f2667a72e0d57b63e02a3"
x-amz-meta-mtime: 1713165210.217888091
content-encoding: gzip
expires: Tue, 23 Apr 2024 10:38:02 GMT
cache-control: max-age=86400
x-time-ng: 0.004
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-4e7d08f843a1e3a76963a49fca458713-8bb57bcbe1b75431-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-22T10:38:02+00:00, 2024-05-07T14:01:00+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp | 185.244.209.62 | | 6.2 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-371.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash64ff358fd3a82358542d29d53649dd85 0a15b0731a9468fe49e3b512febe91d951ef6156 a9ae35f930c0bf59e407a0c082347049ae11738d330df4e32f4b2b1129d1470c
GET /sfiles/games-images/game-previews/190x102/game-371.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/octet-stream
content-length: 6158
last-modified: Thu, 31 Aug 2023 08:10:58 GMT
etag: "64ff358fd3a82358542d29d53649dd85"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:04.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-93313387f618479a993232eb0136f191-9cbde84d249a12ce-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-249.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash2c02d34e261b48da9db2682ad433c5e8 e6b9618ac0040910f755a6f24dcb2f5500bb9aca d8db064ea1623849ccee86b27bdb7825aa0dc452293576de352f9269af60ecfe
GET /sfiles/games-images/game-previews/190x102/game-249.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/octet-stream
content-length: 19770
last-modified: Thu, 31 Aug 2023 08:10:56 GMT
etag: "2c02d34e261b48da9db2682ad433c5e8"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:04:00.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b8d756a28277e1d11c28161e36424c80-5a3d236afa589d4d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp | 185.244.209.62 | | 4.3 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-69.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash8c2b80027d3818f6bc91227418589ee6 c6d3c4595860bd3d685e4ddea5d4610a6f642a9b cec387d33e94b8222d71031dbda50143a7ea2e1470d2c96c9e147aa4c4a43960
GET /sfiles/games-images/game-previews/190x102/game-69.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/octet-stream
content-length: 4256
last-modified: Thu, 31 Aug 2023 08:11:01 GMT
etag: "8c2b80027d3818f6bc91227418589ee6"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:22:10 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b378ee2592def49db75d4e640debff27-0d06bdc70b47d99b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:23:21+00:00, 2024-05-07T12:30:21+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp | 185.244.209.62 | | 8.9 kB |
URL v3.traincdn.com/sfiles/games-images/game-previews/190x102/game-58.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 380x204, Scaling: [none]x[none], YUV color, decoders should clamp Hash7a49dad906575c61dd636edbe1201479 d4bf0fbfadca8c6d3a7ec8f3d34d08fced98a21d 0e0cd085244f6272acfa6794d90e32685fa203973e85c62fa96f02cddf7172c6
GET /sfiles/games-images/game-previews/190x102/game-58.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/octet-stream
content-length: 8880
last-modified: Thu, 31 Aug 2023 08:11:00 GMT
etag: "7a49dad906575c61dd636edbe1201479"
x-amz-meta-origin-date-iso8601: 2023-08-31T08:03:42.000Z
expires: Tue, 14 Nov 2023 18:21:44 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ed088a4293da14f6244f31d16ebd9f28-0d21a4ad8982c8a6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-17T19:17:28+00:00, 2024-05-07T07:17:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/injector.js | 104.18.39.72 | 200 OK | 109 kB |
URL GET HTTP/2widget.suphelper.top/injector.js IP104.18.39.72:443
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Size109 kB (109003 bytes) Hash5c0667a1efdfda3aa8c29bd72f22f014 928622f045b8cb165c03d2279bfde367cd51ceee e6328b60d3a0588670754608e21d5fdc0dd45ac2a046856f93d5a1bf508aa0e4
GET /injector.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:30 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"32e7a-18f381bf77a"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 32
expires: Tue, 07 May 2024 23:44:30 GMT
server: cloudflare
cf-ray: 8803b47f9e26b50b-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css | 185.244.209.62 | | 46 B |
URL v3.traincdn.com/genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with no line terminators Hashf506188b04c16eaa9c664ed23f7ce58e 08d068d7fa5a84beb06ba924a35d84d6bfdab30a b9bfda0e940104e190b19543b94a10d120643bd1516d3ca2d266a0af6c0966e9
GET /genfiles/site-admin/css_vars/f506188b04c16eaa9c664ed23f7ce58e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:33 GMT
content-type: text/css
content-length: 46
last-modified: Fri, 12 Apr 2024 13:46:52 GMT
etag: "f506188b04c16eaa9c664ed23f7ce58e"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-66973621b67402d73392effc7526a0f8-a4626aa8c952acb6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-18T12:47:35+00:00, 2024-05-07T18:49:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js | 104.18.39.72 | | 36 kB |
URL widget.suphelper.top/_next/static/chunks/main-fa1d3b21fd97b583.js IP104.18.39.72:0
CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash6be7c40fc345b431d6ce7664f56fed54 05cfa8cd98c0d7cf56f2b27e8444286e0d29e199 d66ada22b51ee93c46265f736bce6daf379e6103056ccea6386428c8398b262c
GET /_next/static/chunks/main-fa1d3b21fd97b583.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://file-hosting-api-stage.kube.prod.cons.lan https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 09 Nov 2023 06:03:45 GMT
etag: W/"1a544-18bb2adf0eb"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 603157
expires: Wed, 07 May 2025 19:44:32 GMT
server: cloudflare
cf-ray: 8803b48d99bcb50b-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js | 104.18.39.72 | 200 OK | 6.7 kB |
URL GET HTTP/2widget.suphelper.top/_next/static/chunks/0c294a17-329dda05de2a378d.js IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash36ac14eeccdc43d7785eb3cbf68dd4d0 1c8f6064697598548b84d4c049e4450917cb81a1 491e7b738c2e7f716057b94a5e095a9fe12821fe476779f88a8af1bc910c6ca2
GET /_next/static/chunks/0c294a17-329dda05de2a378d.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Wed, 17 Jan 2024 06:19:55 GMT
etag: W/"2925-18d161388b8"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 612998
expires: Wed, 07 May 2025 19:44:32 GMT
server: cloudflare
cf-ray: 8803b48dba23b50b-OSL
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca%22%7D | 104.18.39.72 | | 30 kB |
URL widget.suphelper.top/services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca%22%7D IP104.18.39.72:0
CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash862441d562db0d1ed7f463e42c8e4f9e 5ab8cc39df5126f91fd29d1cf15a581e95df5f29 c3799e3edf81554bd8c0f497a0af366a3f409705d76d7806e4c3d75582107363
GET /services/widget/v2/most-required?projectId=5b61b42ffdf00b25dc78f342&credentials=%7B%22$type%22:%22GuestCredentials%22,%22id%22:%22c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca%22%7D HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:35 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8803b49cf90eb50b-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js | 104.18.39.72 | | 109 kB |
URL widget.suphelper.top/_next/static/chunks/663-81a4add2f1c95639.js IP104.18.39.72:0
CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Size109 kB (109340 bytes) Hash7ccd5fc064a06a718494ea79e7a840c4 5b6b931c0b0754b5f2c2c5c0ff1d7b47a0bff757 c6bf5da6f0aa34f8e61cb59b91da627b417eaa47a728d44036e375ef18c02323
GET /_next/static/chunks/663-81a4add2f1c95639.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Thu, 28 Mar 2024 06:56:31 GMT
etag: W/"5b0da-18e83d890e3"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 612998
expires: Wed, 07 May 2025 19:44:32 GMT
server: cloudflare
cf-ray: 8803b48dba28b50b-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/5280.webp | 185.244.209.62 | | 764 B |
URL v3.traincdn.com/resized/size14/sfiles/logo_teams/5280.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash189c0d23ae299979bbc6a6e26f2bd703 a69c6485e432076d0fb4bfd0dbc5c969d2dd754f 165d43c565ff3f9b3b8bd41318b4dfb15a7e15cb63518ada2f8edd0a52d6c291
GET /resized/size14/sfiles/logo_teams/5280.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:35 GMT
content-type: image/webp
content-length: 764
cache-control: max-age=94608000
content-disposition: inline; filename="5280.webp"
content-security-policy: script-src 'none'
expires: Fri, 19 Mar 2027 12:50:04 GMT
x-request-id: 1e16ebe66690a93bb31df79afb26b953
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3f436ff2479bd465bf4b0259a11f8573-18eb05a06437e491-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-03-19T12:50:04+00:00, 2024-03-26T08:46:08+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size14/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp | 185.244.209.62 | | 730 B |
URL v3.traincdn.com/resized/size14/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashcb40d77e3d55885cfaec6d4b54172c89 4cd051407ce0b73c1203a0d31face88fce53062f b16b6cb17cba6b5fd6492410dcd0ab8a2dc0f3aea4d445b7c8dc553803878bb5
GET /resized/size14/sfiles/logo_teams/2c00163238eb3b254debbc851815b59a.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:35 GMT
content-type: image/webp
content-length: 730
cache-control: max-age=94608000
content-disposition: inline; filename="2c00163238eb3b254debbc851815b59a.webp"
content-security-policy: script-src 'none'
expires: Mon, 03 May 2027 10:06:53 GMT
x-request-id: 9c8faaf59d943437a133499f3cf1a54a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-89fde8c86cc04396ebb41151b843e344-3980d177004a427a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-03T10:06:53+00:00, 2024-05-03T10:42:55+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/11959.webp | 185.244.209.62 | | 774 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/11959.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash5bad31885840d876e322b2fdeeaee122 05d797bdaa60c91aaae3ce4e51b545d5cb60ce94 92b818c5851dde185bd171d42c5cc5e65f1f417f305b8f76c86c2a9e3593c1b4
GET /resized/size16/sfiles/logo_teams/11959.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 774
cache-control: max-age=94608000
content-disposition: inline; filename="11959.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 09:00:28 GMT
x-request-id: 362a34988f1e8f1b3987bd46244da0eb
x-time-ng: 0.102
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1aaac600b666a9b689ec159ad2ba35df-9369bfd6c53ec338-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:28+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/b21b9269b369a707beb9b6bb8a20f069.webp | 185.244.209.62 | | 680 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/b21b9269b369a707beb9b6bb8a20f069.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash8230e15be6dc7917cf3554aa307d569f a5b3fd9e02b2e5214a27b2e794b488d8a5ce3a8d 15c653395e383349672a82de6d5304cc40e985f38bf4df4325ed52d7cc3eb95d
GET /resized/size16/sfiles/logo_teams/b21b9269b369a707beb9b6bb8a20f069.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 680
cache-control: max-age=94608000
content-disposition: inline; filename="b21b9269b369a707beb9b6bb8a20f069.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 09:00:28 GMT
x-request-id: 3664b9195ccc50067188af4a8d9990e8
x-time-ng: 0.047
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5662e74d9f99e1aa2e1579ff1e9bba6d-452ac15b90cbfcda-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:28+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/4114c120fc2116144fc8c4c9ada79b96.webp | 185.244.209.62 | 200 OK | 730 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/4114c120fc2116144fc8c4c9ada79b96.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hashfa6ad3ac612d655625ea16ee743ca2cd 4135b3d250535e53d004bddd5167bc4796ac3101 57164288a18f74a89818d763d9d28a2e8fa01e796e4267263e8f89cd79dcfeee
GET /resized/size16/sfiles/logo_teams/4114c120fc2116144fc8c4c9ada79b96.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 730
cache-control: max-age=94608000
content-disposition: inline; filename="4114c120fc2116144fc8c4c9ada79b96.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 10:43:18 GMT
x-request-id: 6ad5cec208119979afae5594bab8ca4a
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e324ba4e1585079873c15a81bd7fa7cd-91e58d5a6ce7d335-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:43:18+00:00, 2024-05-06T17:02:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js | 104.18.39.72 | | 91 kB |
URL widget.suphelper.top/_next/static/chunks/framework-49f1e091cbf6b261.js IP104.18.39.72:0
CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typegzip compressed data, from Unix Hash38aa092d5666f370ff9e3958e1e0fcbb 15bbc042261d2f9688bd456c971fab2c6d3c929e db486a20c57b7e99fe3104819d3e9a57c392be9cccd620d2355059fa5b0ebbc5
GET /_next/static/chunks/framework-49f1e091cbf6b261.js HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/javascript; charset=UTF-8
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=31536000
last-modified: Mon, 11 Mar 2024 06:37:37 GMT
etag: W/"22695-18e2c3b24d9"
vary: Accept-Encoding
content-encoding: gzip
cf-cache-status: HIT
age: 608717
expires: Wed, 07 May 2025 19:44:32 GMT
server: cloudflare
cf-ray: 8803b48d99adb50b-OSL
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js | 185.244.209.62 | 200 OK | 2.0 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typegzip compressed data, max speed, from Unix Hash23a3de8a78e29a1eaffda64100e644e2 c91a7a0fb64191227f913073044688a59205fbf3 27f24f0798e5b82fe6ea3a63566bf3978d32e11843490556afc447fcad4ae03b
GET /sys-static/shared-assets/__shared_accept_language_parser_QKZ6ULEV.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:36 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"518e0ae196483ada8b528a1f2b7df0a1"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:12 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-5a52b22c765f4eb36aba5a0b9b1c95ad-90e0d50a51847496-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:12+00:00, 2024-05-07T15:53:31+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/391ba63a97c076246a6bc6060ce6d907.webp | 185.244.209.62 | | 788 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/391ba63a97c076246a6bc6060ce6d907.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashde5bd0281adf884615d379171ae8a6a6 5a73d1c798d3c85203afe3b29629f451c5c13e00 858b8d8f2306ed272d9ff3dcc99b7268a5f66d44928d817467c840c44331f76a
GET /resized/size16/sfiles/logo_teams/391ba63a97c076246a6bc6060ce6d907.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 788
cache-control: max-age=94608000
content-disposition: inline; filename="391ba63a97c076246a6bc6060ce6d907.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 11:09:43 GMT
x-request-id: 4da9ee6d874aa253ccdc8a36f7409d76
x-time-ng: 0.038
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e86cf4276c21b384d36a0666373660ef-0fcd69806581a539-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:09:43+00:00, 2024-05-06T20:40:05+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/f10a83391d101a31f5013dcc0cda67d5.webp | 185.244.209.62 | | 700 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/f10a83391d101a31f5013dcc0cda67d5.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash0f6470f1266193bc8bb0fb1dc11b9f1e ef1c190c18bacfde1f09894cfcf5ca9dd258175a d9658e9e7318e991f5eb8c1643414dd9ebd27003bb0287510d07c60c02847ff6
GET /resized/size16/sfiles/logo_teams/f10a83391d101a31f5013dcc0cda67d5.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 700
cache-control: max-age=94608000
content-disposition: inline; filename="f10a83391d101a31f5013dcc0cda67d5.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 05:57:36 GMT
x-request-id: 7035c163cbf012fb35ee5ba401230598
x-time-ng: 0.062
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0c12db9a4c414eb4c1592ff3fe8cd1be-f527b5da1dc27b4e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T05:57:36+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/045fa541ead77357987af4dc79ab1c3b.webp | 185.244.209.62 | | 748 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/045fa541ead77357987af4dc79ab1c3b.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hashdaea809cb381cc201e44cece63e14b84 053bfd757df1e049fc3194a866e4f53b2c8ffadd 7c903d8c5dd12c8b500ce88294a9a44c6955c9321b8db105ee282636d8cf4b87
GET /resized/size16/sfiles/logo_teams/045fa541ead77357987af4dc79ab1c3b.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 748
cache-control: max-age=94608000
content-disposition: inline; filename="045fa541ead77357987af4dc79ab1c3b.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 09:27:25 GMT
x-request-id: 2773f1052a7738092aebd3e2523638d0
x-time-ng: 0.047
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-f005e31e4debce059e2621a7e1720f9f-c64a7b0bc45cc1ba-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:27:25+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3564.webp | 185.244.209.62 | 200 OK | 696 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/3564.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash4842d7e95f6ec085912ce4228f0351c3 e0214d9d4871f926eb61c5cbf8dbdabc38700cc0 a5fef23f459a3c04457150213819d7d1a31c87acd998db726abe32a849c99641
GET /resized/size16/sfiles/logo_teams/3564.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 696
cache-control: max-age=94608000
content-disposition: inline; filename="3564.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 09:00:28 GMT
x-request-id: 5f601d3f14f5cb1b055815512e8bf8f2
x-time-ng: 0.043
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-900a9461988dd00c609812a2c64716ce-5635a921f7b094c4-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:28+00:00, 2024-05-07T11:13:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/96fae3e6fa38af6bc25cfc8a9221ca39.webp | 185.244.209.62 | | 714 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/96fae3e6fa38af6bc25cfc8a9221ca39.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash63327789ac7891d135071e258f8df3f3 fec20edb811c34e8bef0ca28cd73841046601122 5b14507e6464e9b46a497006586a9cbcb9ba426658f979f4fec794719d7b6609
GET /resized/size16/sfiles/logo_teams/96fae3e6fa38af6bc25cfc8a9221ca39.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 714
cache-control: max-age=94608000
content-disposition: inline; filename="96fae3e6fa38af6bc25cfc8a9221ca39.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 09:00:28 GMT
x-request-id: c325d39e80a1e7789b1270551d0fc62d
x-time-ng: 0.043
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-489c36e5e82e487ea8c0b83790e7d1e5-fc085fa0631b6474-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T09:00:28+00:00, 2024-05-07T11:13:04+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/95191.webp | 185.244.209.62 | | 776 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/95191.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash43b7fa2d8f629122511df1d5249859e0 c2f2ce434d1e066dfb812df92a0eb5e4234bd637 49bcb520fe8b42363e2e366d4556f250408ed91a4fb8126bfa7e50e9de2df4c3
GET /resized/size16/sfiles/logo_teams/95191.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 776
cache-control: max-age=94608000
content-disposition: inline; filename="95191.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 11:09:44 GMT
x-request-id: d6fe6a3c97ee050062003228367e01da
x-time-ng: 0.049
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0bbc972272ae2fd4ab9a3f297cd97221-66d99994bc9ab212-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:09:44+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/3606.webp | 185.244.209.62 | | 772 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/3606.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash9203ba02860f42de8f5a4c1a9d05b6b3 15dbc8b145e141b184aaa3d3c256d85b32c44441 79c865ecae3bfca6d24f962242e9604b01081d6b9923e9fb663be51305c6b022
GET /resized/size16/sfiles/logo_teams/3606.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 772
cache-control: max-age=94608000
content-disposition: inline; filename="3606.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 11:09:45 GMT
x-request-id: 398504017757f2b5e150b8069cd14a23
x-time-ng: 0.052
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-d773c1354957f78dd74a2d1b7f846504-39d38cad84bbc93f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T11:09:45+00:00, 2024-05-07T13:00:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/1914123.webp | 185.244.209.62 | | 566 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/1914123.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash6465a62700a5331a6e328f694e992947 a28eb08943853995def20a362c03253f9d42176b acd860cb70e37bf5eca8600be83488b16a11f798a0e1168e15248573cdea53de
GET /resized/size16/sfiles/logo_teams/1914123.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 566
cache-control: max-age=94608000
content-disposition: inline; filename="1914123.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 14:05:14 GMT
x-request-id: e7bed42254bc9ed491d17792c202a9ce
x-time-ng: 0.045
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-14d5414c9f073246481e02d6dbc51919-5a0e15430fa304c0-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T14:05:14+00:00, 2024-05-06T13:55:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/82425.webp | 185.244.209.62 | 200 OK | 782 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/82425.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hasha6762f375a8fb8b254b865efeca44787 530391dc9d7a07bb6a22452d9da52842d2ff00b7 23a93e7db7cece30edb865acd2592811e2af4ae451808ee57ef4deff53e73c87
GET /resized/size16/sfiles/logo_teams/82425.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 782
cache-control: max-age=94608000
content-disposition: inline; filename="82425.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 10:39:44 GMT
x-request-id: d094911f4b096363c578b82553d57c50
x-time-ng: 0.043
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ca97223c1e57081970657247e76899f7-3404c9194b5672c6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:39:44+00:00, 2024-05-06T13:55:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/c7a796b71a966d43edad5587bc6a1208.webp | 185.244.209.62 | | 780 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/c7a796b71a966d43edad5587bc6a1208.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hasheb16623c783c2901fa0aeb67ff90d8a1 cb2da15450e6bbb5832b76b04160a397655ac900 95f91f6d57cba210fc2370b2b21cb7b101815435022dd7be84f72dd404771ca2
GET /resized/size16/sfiles/logo_teams/c7a796b71a966d43edad5587bc6a1208.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 780
cache-control: max-age=94608000
content-disposition: inline; filename="c7a796b71a966d43edad5587bc6a1208.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 08:54:11 GMT
x-request-id: 981e93225c8cc0ec4f28375ea5098e17
x-time-ng: 0.069
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-84638e29b66d98c8475880b303003288-961a010c9f2da56a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T08:54:11+00:00, 2024-05-07T13:00:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/22153.webp | 185.244.209.62 | 200 OK | 740 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/22153.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash839ee300f5dd87b729eb4f5c53f7f4a9 c531cfa3d1db4cb986e12b64cb74ede774a2dc7f 5a969e94f1bbd2c37e444368bdf4c942d0bb39d9085464dff4ab9b1a8bd5fe5e
GET /resized/size16/sfiles/logo_teams/22153.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 740
cache-control: max-age=94608000
content-disposition: inline; filename="22153.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 08:54:11 GMT
x-request-id: 4c3ea774943064bc65e0007e12090d3d
x-time-ng: 0.049
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b332a239ec17d04ec57cd049a5156685-754ba5e80bb89f65-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T08:54:11+00:00, 2024-05-07T13:00:20+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/9e082731e51278dfcaec05bf43640ddd.webp | 185.244.209.62 | 200 OK | 696 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/9e082731e51278dfcaec05bf43640ddd.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash4a8aad897550c74977ba457b9f672aca 0b6cfca2fa6914fb5a3756fa8d06a8d6842933fe 6a886108858daecdb9391b6211978c254ff50550828fa93b54393a6c0e1f617e
GET /resized/size16/sfiles/logo_teams/9e082731e51278dfcaec05bf43640ddd.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 696
cache-control: max-age=94608000
content-disposition: inline; filename="9e082731e51278dfcaec05bf43640ddd.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 07:14:37 GMT
x-request-id: c98f61b436067fa41497ea02a429b7c3
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-6bc756d655e75c6cb3eb3c16e868fb55-a704583068f92217-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T07:14:37+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/11943.webp | 185.244.209.62 | | 798 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/11943.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash4d84c3f630647f982e72efc783e14ee0 6280216117acd172b454d5aa2da20202785e3654 fcc921c088b3126c564bf07890966bf731582d035f2e4fe958e913430c43f161
GET /resized/size16/sfiles/logo_teams/11943.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 798
cache-control: max-age=94608000
content-disposition: inline; filename="11943.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 07:14:37 GMT
x-request-id: da767972167acde2533b1806a906276a
x-time-ng: 0.070
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5f15eefb331a214e5a4dd1ac6814f151-0bb8a7299742e763-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T07:14:37+00:00, 2024-05-07T13:46:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/45591.webp | 185.244.209.62 | | 752 B |
URL v3.traincdn.com/resized/size16/sfiles/logo_teams/45591.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash6576ed1e636d306cb4eea13edfae949d 76b67613f328a3a579aa53751473f05ccb35171e d8cc6cc0cce8f1ba020842750f02e1299dbd3f3451ac020f5dff46506120ed55
GET /resized/size16/sfiles/logo_teams/45591.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 752
cache-control: max-age=94608000
content-disposition: inline; filename="45591.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 18:17:38 GMT
x-request-id: 1c2f657d5ece934f6313531c707a99d9
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cd1dffca6bfad536d4cffe3212bcb06c-6b2de20c2e866acb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T18:17:38+00:00, 2024-05-07T13:10:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/172393.webp | 185.244.209.62 | 200 OK | 758 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/172393.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash36187d84a181d6eccb71713393157743 aa5480afbf032a3e1da8248b95c5fea8f12d5da0 dbaafeee3c6818dcb7110152b91ee427e70e891ff828bdcd833d600f56800739
GET /resized/size16/sfiles/logo_teams/172393.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 758
cache-control: max-age=94608000
content-disposition: inline; filename="172393.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 18:17:38 GMT
x-request-id: f431ad3eb5b99a230374c46f19a23e57
x-time-ng: 0.060
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3d3ba38b1e5a9fd16fe79835f3b1e554-6ca7a8f1752d3020-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T18:17:38+00:00, 2024-05-07T13:10:51+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css | 185.244.209.62 | 200 OK | 1.1 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/css/e5eb737e.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (5171), with no line terminators Hash5d231bea9b7df6bc1e9e74e3c0a231e1 2ef607f0c766fff1b4b1e90a2d98e7094c81721e c43fd428fe6e9d25ddf385a1cf03891194126ebf9e83d086af655272e815445b
GET /_nuxt/desktop/default/css/e5eb737e.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: text/css
content-length: 1050
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-41a"
content-encoding: gzip
expires: Wed, 08 May 2024 08:09:31 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-2e15728418c23fc158f771bedcfd35df-cec7885037a2a980-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:09:31+00:00, 2024-05-07T12:50:10+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js | 185.244.209.62 | | 8.9 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/Registration.Fields-07683518.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (39925), with no line terminators Hash5609f3d5d46109e5230f492c3d89cdcd 522c0a551da1db7753e72b6a629064a6170791d9 13f2ef217e2e8cc997cbcaa97126a6c31430ae1d073e406944364fb5f45f70e7
GET /_nuxt/desktop/default/vendors/Registration.Fields-07683518.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: application/javascript; charset=utf-8
content-length: 8880
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-22b0"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:25 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-5835595426a189778513555ff42a2393-de928d0fb4bc8e66-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:25+00:00, 2024-05-07T15:30:25+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 | 178.253.29.51 | | 698 kB |
URL 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Size698 kB (698220 bytes) Hash07770668139f43e615ab2716a12d41b5 3c22dba2c2665dfc2caaf252f7033f49a88d0ed8 132f6764f6dc1d932a25b1b67aa892b394e90a16bcd47bb49735b727a18d582e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=111, dt_total;dur=168.619, wf-uht;dur=0.190
traceparent: 00-54d668fe5931915fcf3107b80804a94b-91d2b9e46f801817-01
x-dt: 285
x-time-ng: 0.148
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js | 185.244.209.62 | | 715 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJava source, ASCII text, with very long lines (714) Hash0a4d6d7efa89ba140b62c6aee5e8fc6f 9e5b132d8df77dc2fe824cf30a362084400f23c5 60e4e95557382dcdc956e8e80595030789aedfcf6c9f2ff90e92c5f4a2631e0d
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/60c7aeb54494.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 715
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "0a4d6d7efa89ba140b62c6aee5e8fc6f"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 15:21:02 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-7a704106d24944b49b16d3a8da43b787-6a836cc0496af7c1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:21:02+00:00, 2024-05-07T19:42:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js | 185.244.209.62 | 200 OK | 504 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJava source, ASCII text, with very long lines (503) Hash5387051085dcc459e7077d5d8000b85d d22afab6c65228f0056f66e4f150783f6014e36b 34377c13fd72112cac96fba3642f084661361aea701a70ba3702c82c9bb42790
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/e8b8c79f9b52.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 504
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "5387051085dcc459e7077d5d8000b85d"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-b1812ad8765223ebfe2d1ae84a655bee-49b671f4f5d549cb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-07T19:42:49+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css | 185.244.209.62 | | 12 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash56e2fb5d40137ab234dac4283f121ad6 f3a50d42609564ff6c2dd9de61212714ba710180 768ab67229041cd54dc52e81c4c6c2388bc47379fcd0a8846080c72791579beb
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2e7e82ef0fd8.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/css; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"86bbeccf1800ba74e6c228c6ac503cef"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 12:56:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-fa8cbad51a99dba298932f86e3a87ecf-cf987ec178078e74-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T12:56:07+00:00, 2024-05-07T15:30:07+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js | 185.244.209.62 | | 53 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
Hashbb7e15ec1662efa164ad912bd1c65e19 bdd420a5f5bf96a8a4f85abbbe3b0cd2ad547f52 a9378fb3de73c35f466dfae4d2956a63b95813d4eaf88ae7f4ce820d0992cc01
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/5e0dc9f15b39.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 53
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "bb7e15ec1662efa164ad912bd1c65e19"
x-amz-meta-mtime: 1714551564.671873539
expires: Thu, 02 May 2024 21:01:37 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-9e39f1a63921ec8eb00989c68cd2edc8-20e41290272477a1-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T21:01:37+00:00, 2024-05-07T15:30:07+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js | 185.244.209.62 | | 372 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJava source, ASCII text, with very long lines (371) Hash441a6448f5a4242779baf6fc1399b13e b646aa02b2ed08c1590c6f4536341cb2e51a4f1c 0eede7ea7bad647cc90b8044489561c58d2d5865e88ecc59a572589c6ccea6b7
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/03e03ebafcdc.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 372
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "441a6448f5a4242779baf6fc1399b13e"
x-amz-meta-mtime: 1714551564.667873602
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-acd78d288f12a903c5ba655481df426c-e972c7e728dc1e3d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js | 185.244.209.62 | | 62 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash3f10e3b9ccc8844bcc43ddc2a4455ec8 05d5e9135463c7fa55ea0cb9361c1c2330d6d750 c66c36bd6f7bb97c09dedd7efa988ad6f02ecaf60bd5622e8a6bb06eba2d7e9a
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/92745f711024.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"fdfc9ec2fb0c6c09b91f4d7afd8b013e"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e02ebcf741f4b19b99ac66daec8cfe83-1db4c5dcce3021a7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T16:34:02+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js | 185.244.209.62 | | 450 B |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeASCII text, with very long lines (449) Hash056ce527a12544a37f984ac598be2344 6946b65cf1c68960e5f9ac0900a0df66a13e7e85 cd7cdf53c803ca43a37171180d14c2374e45ab347d309f9b83a107b9ad9b4ed1
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7bd3bc288fd4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: text/javascript; charset=utf-8
content-length: 450
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: "056ce527a12544a37f984ac598be2344"
x-amz-meta-mtime: 1714551564.671873539
expires: Fri, 03 May 2024 08:43:57 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ad46996e15b3d096d393e4ecd6eff8d6-f0fb4f2afd104bc7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T08:43:57+00:00, 2024-05-07T18:09:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js | 185.244.209.62 | | 3.5 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash802c1c905d5eaf05faf003e3c501691b 2f013bbfe2f5e3a72c29fe0f28218f90f8c3fc2d e9b458c2ddb2621d22704dd358fc0b5959e52f1dc4e47f348dffc1fe4a4c716f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/2c4bdd620ac9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"db345f9ab9f4b60494ed02dd78f38d79"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1484f53ea63042abad6fb0826da59c5c-ac1337a0c2784654-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:38+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash8537b724d4503b9781c467789d2c224c 1f0f29c486013c90bab47cb887c9e5ebf1141bc7 920bae26548a368151181ecd5cb37efe2187ad541289bd0c39657a287cdd8ddf
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_[]MS[]null[]null[]general[]18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: application/json; charset=utf-8
content-length: 2675
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:39 GMT
vary: Accept-Encoding
x-time-ng: 0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.016
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js | 185.244.209.62 | | 66 kB |
URL v3.traincdn.com/_nuxt/desktop/default/vendors/conversion-f0624fc4.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (65529), with no line terminators Hash191ff223860f458112e0be2a63bd9857 850dd681d5b31321f00b8df955a455aa9478e44e 40e1fe6d194776c5fa845dda1dbebda9c2bc3154d8c45793ae74a2e1bf147016
GET /_nuxt/desktop/default/vendors/conversion-f0624fc4.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: application/javascript; charset=utf-8
content-length: 66479
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-103af"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:50 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-03aa7aaab2991bb04760586be18b31eb-76ceb2fc7b35abf5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:50+00:00, 2024-05-07T14:48:16+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp | 185.244.209.62 | | 1.2 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash49db5443e120a9653d4ee999dc9686df 57bc47853935972be400e9c1acc85b314bb161d0 d8fcbb9d7583b0932233a931a67a727a86e117defb0269cdbd59a9d91e45d5ca
GET /resized/size24/sfiles/logo_teams/65e3e972954419765c3ce21698edf6cb.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 1196
cache-control: max-age=94608000
content-disposition: inline; filename="65e3e972954419765c3ce21698edf6cb.webp"
content-security-policy: script-src 'none'
expires: Wed, 05 May 2027 12:37:08 GMT
x-request-id: a4c1423183e5856b35fd59765a3567e5
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-322d2cddc9767291d36a67f0697e2908-1f66c2634dc1e1ff-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-05T12:37:08+00:00, 2024-05-07T14:44:43+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js | 185.244.209.62 | | 15 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash18a989aa18854bd297a47fc71d0d9737 7b97d953facd33abdb35e68a0b6c151e75d9dbca 9af205080b5f9e314c790be9bfa5296903e09032337e740241bc6ca53bf866a2
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/7b53ac9cad2f.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"de79bf6739658de7bc537d692f3638fe"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:51 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-ba20dee7cacbee7afe748dbcf4ed2f78-7213aaf1e3c24a8a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:51+00:00, 2024-05-07T17:01:36+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 16 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash4193e80c16d10cb71c432b66044d4bca 7e5a99a0657fb5338c614bc53b1d61d39adcf45a a5fe8a3836a0f59a94a6da64ab9aeace4bde34f9042cc55f62ef23afc515f411
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Tue, 07 May 2024 19:44:38 GMT
x-time-ng: 0.011
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.019
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp | 185.244.209.62 | 200 OK | 16 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash99937fec94322155d99465451e84e5f4 0549b153f8e34c242f71817a038f7ebad37d27be d35bc328538e182310574b3ff1d58134efedc49c9f3dbb43ec6df65fed624f33
GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 15874
last-modified: Fri, 26 Apr 2024 11:44:53 GMT
etag: "99937fec94322155d99465451e84e5f4"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-3c99c3906c80d87535f9b736ccdd68a0-fd7b6f73bb804e0c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-26T11:45:30+00:00, 2024-05-07T19:26:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp | 185.244.209.62 | | 14 kB |
URL v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash317ab8a5b92752fd051ac254b8366dcb 3c30f1345378eaf9833e470a1b7c050d6ccf8b48 4ced6a24abe27da06f568a4d837f11b21462458779d624bd6916163b189222f9
GET /genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 13702
last-modified: Thu, 02 May 2024 12:00:34 GMT
etag: "317ab8a5b92752fd051ac254b8366dcb"
x-time-ng: 0.003
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-513993abbd6301aa2328eecf975e8a9d-4bc5f44a9479f18b-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:40:55+00:00, 2024-05-07T19:04:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp | 185.244.209.62 | 200 OK | 1.1 kB |
URL GET HTTP/2v3.traincdn.com/resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash6bd1a4bfa55aad56422400c489942897 17b4372b5ac8430ca744684686cea67969a15cfe 9f4ff586f0724b113f76a8bb64339eedabfc637511a2529e7194248d0554da4c
GET /resized/size24/sfiles/logo_teams/1705962ffbc1e568500d02753d414082.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 1094
cache-control: max-age=94608000
content-disposition: inline; filename="1705962ffbc1e568500d02753d414082.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:51:53 GMT
x-request-id: 1092693db696d60f31712e8ba12deb0c
x-time-ng: 0.062
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-ab2c1283588bde687e52af499aacff49-66337a5a3fe5021e-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-07T14:54:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/167095.webp | 185.244.209.62 | | 1.1 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/167095.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash3d0ce9ce8b6dec70e6e0f31effa9f219 018de590437492f15fc3647997bfbaa759f16da9 f4395f007bd01851a93ccf6842c69c3f4cc1c39e4d5c3b71c881c674e85cccc8
GET /resized/size24/sfiles/logo_teams/167095.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 1142
cache-control: max-age=94608000
content-disposition: inline; filename="167095.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:51:53 GMT
x-request-id: e27ef69f33230d500def92477b09e641
x-time-ng: 0.067
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-08dba52248e5c71688762a8f370f2d4b-7b6f0bbf2212f507-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-07T14:54:46+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp | 185.244.209.62 | | 18 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hashb7e3857cdc8cbde71f63af81a61f5cfb deeb62ea6e9b702bb9e3f395483c3c00445adcf8 786e67817e82780aaeb0d2bca1e57e06fff5ae9fa89b2747b1af57913886e25f
GET /genfiles/cms/1/desktop/banner/37725dd3160e2621f084de11d4417228.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 17490
last-modified: Wed, 21 Jun 2023 09:54:55 GMT
etag: "b7e3857cdc8cbde71f63af81a61f5cfb"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-af30038e54162f7ebc12e0c40ec47e20-de8208136f9add09-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T15:26:35+00:00, 2024-05-07T19:26:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp | 185.244.209.62 | | 8.8 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hashf7820c059ddb01f4b4e68e42a5e460a1 195804c0235c39f4262f97fe2761100319ed9595 cf0d38ba0dc4de44a0fc90d2592209998ac959644b187014ec028a4c0fddd3ab
GET /genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 8798
last-modified: Mon, 06 May 2024 09:11:30 GMT
etag: "f7820c059ddb01f4b4e68e42a5e460a1"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-affb7f62d441880b13816b92e1cbefa0-de800ea85cb1cc87-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:50:36+00:00, 2024-05-07T19:04:06+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:41 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-cc83e69ca931a5b74d06b638484ecefe-70fd27714e201f74-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T19:11:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:41 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-3ede2bec75cb33cb5ef18d545ec13bcf-abfcff359e1a4fa6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T18:44:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js | 185.244.209.62 | | 65 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hasha524f1d717e06e6c4739387ee847ef4f a4bbe3d404470c7d9314a2c4ab6c3994a4dbafd5 09f151a5af4531bcae086a6c0a3561da818c0725f6edaf9a43c584863cfea80b
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cd57c0a6e95b.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:39 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: W/"76cb7b38bd7dd009e525ca10453839cd"
x-amz-meta-mtime: 1714551564.675873475
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-df9df9f6dcbecaca702e8a4bc1e92ba1-591cfcce3a29e747-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:39+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 14 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash70032b3ad5442ecb4ded3ac89ba8c23a c31f4eecf52979c83feee13909604d8cdfd6731c 7e8d04105f07d6da90d578e12b8a6a21bcd1ea085f603c19aef5bba4dddc398c
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:42 GMT
content-type: application/json; charset=utf-8
content-length: 13835
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:42 GMT
vary: Accept-Encoding
x-time-ng: 0.018
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json | 178.253.29.51 | 200 OK | 23 B |
URL POST HTTP/21xlite-461430.top/fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash091e7db3a5c3c788569b018b1d4a9158 d500bb85ba21a4d7d3f3e97e03212f07e3582659 872bcc5d0a574d120784438f921af7f53d1e94821021f320eeb017a990ae1f88
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /fatman-api/a6f69e4388362d761ee5bb073edb23ae3d9341fb/event.json HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
Content-Type: application/json
X-Lang: en
X-Uuid: fa96d4d2-3db8-410f-a336-cb8937b44ce9
Content-Length: 99
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:42 GMT
content-type: application/json
content-length: 23
x-time-ng: 0.001
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.011
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js | 185.244.209.62 | | 2.4 kB |
URL v3.traincdn.com/_nuxt/desktop/default/analytics-a8ae3276.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJavaScript source, ASCII text, with very long lines (6444), with no line terminators Hash60f915b0daad3af04303726381897e81 133c20a7f58c18758483c23f595d5a4f22ba9371 320b5a7d25c926dc55eb7a53f4348bf7c34bd7f5bc6ad3bcd1d16029239dc3a1
GET /_nuxt/desktop/default/analytics-a8ae3276.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:43 GMT
content-type: application/javascript; charset=utf-8
content-length: 2434
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-982"
content-encoding: gzip
expires: Wed, 08 May 2024 08:41:52 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-18e5c4e4e7267bc2cf98b6320e30babe-707c1807c9e107b3-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T08:41:52+00:00, 2024-05-07T09:24:02+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | 200 OK | 412 B |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash8b7a260655ef056099ed8505b06114f0 66f33894ccc9fc85a0283a0789982c604ef71fc6 9f8e28d259082c262918693510ab649dd54c73f35c781294632e359e4ef74e80
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:43 GMT
content-type: application/json; charset=utf-8
content-length: 412
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:43 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js | 185.244.209.62 | | 65 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hasha90f4865e1085a34637266014f709b80 12fdcd96207fa13a19bfa94f524c3679b2ea5490 7818434bc408d249cec6c0bc22bba81fa1c0529bfd83815b667a5627ebde9e21
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/62bd07c5cb50.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"942da12c1a44ccf257f6ea3e09ed3175"
x-amz-meta-mtime: 1714551564.671873539
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.002
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-0ac92146de457432b0ff982f9b6bba14-e9a1b1fdfb94e68f-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 | 142.250.74.72 | | 106 kB |
URL www.googletagmanager.com/gtag/js?id=G-7JGWL9SV66 IP142.250.74.72:0
File typeJavaScript source, Unicode text, UTF-8 text, with very long lines (10899) Size106 kB (105851 bytes) Hashacc979a3a12ad5457f069b170f83357f 47f395811b0e3641fdb15799951f98cbb4f0ab0f 325bb309cb0c43d1b392d7dcf65975bed41809b9411acb5f0fbdce99481bb8b5
GET /gtag/js?id=G-7JGWL9SV66 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 19:44:43 GMT
expires: Tue, 07 May 2024 19:44:43 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 105851
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V | 142.250.74.72 | | 64 kB |
URL www.googletagmanager.com/gtm.js?id=GTM-KFGPRJ2V IP142.250.74.72:0
File typeJavaScript source, ASCII text, with very long lines (1822) Hashb118f4da9c1ca48cbfb990c3aea5ae37 c5b5dbf2b16126eed8c94b8067f634c7e7d61028 5e93891fd034631214019a7ac7796707223d88391755fe4c61cbe221e95c3cd6
GET /gtm.js?id=GTM-KFGPRJ2V HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 07 May 2024 19:44:43 GMT
expires: Tue, 07 May 2024 19:44:43 GMT
cache-control: private, max-age=900
last-modified: Tue, 07 May 2024 18:35:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63748, version 1.0 Hash6887b6f24414dbc612dbf42ccdc76b70 8068d3abfbc6cbf35b55919da45b1f4d2d136238 fc5c015fc32518f1ed810fa84ca28941eb9d5a3c81acc8df69a4dbbeedef7b0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Regular.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:43 GMT
content-type: font/woff2
content-length: 63748
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "6887b6f24414dbc612dbf42ccdc76b70"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-964c7b43fc6d54705b4f0f36bc2437d6-811a2b102bcd8ada-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:13:59+00:00, 2024-05-07T19:11:19+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 | 185.244.209.62 | 200 OK | 65 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 64732, version 1.0 Hash3ac5d40d1b3966fc5eb09ecca74d9cbf a69f32357765dd321519889aeacba5e9ca893bb0 3310766b8f58538d07abded74a2babe1acbe1a3ee820d5b8c8265da666f4fb0c
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Medium.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:43 GMT
content-type: font/woff2
content-length: 64732
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "3ac5d40d1b3966fc5eb09ecca74d9cbf"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dfc8731d94cde4f42ec9d28e9994b6b9-1b2d58bbd68a1acb-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:56:30+00:00, 2024-05-07T18:44:56+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 | 185.244.209.62 | 200 OK | 64 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeWeb Open Font Format (Version 2), TrueType, length 63920, version 1.0 Hasha65527fcb58f66a7cfbc0e6b160538b4 45d260e7fa343401b5bb0df982a014f53e2d253b fb13c3a1cbac60649b76f7d7f85c1645d35ac69b85ce5f4eb0692505ecc2cd45
GET /genfiles/cms/1/desktop/fonts/Roboto/Roboto-Bold.woff2 HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:43 GMT
content-type: font/woff2
content-length: 63920
last-modified: Wed, 14 Jun 2023 09:49:53 GMT
etag: "a65527fcb58f66a7cfbc0e6b160538b4"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-62843103ee921f656647f533c9776eff-72d727968b2f2398-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T07:54:39+00:00, 2024-05-07T19:36:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| radar.cedexis.com/1/23802/radar.js | 45.54.49.5 | 302 Moved Temporarily | 154 B |
URL GET HTTP/1.1radar.cedexis.com/1/23802/radar.js IP45.54.49.5:443 ASN#63911 NetActuate, Inc
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeHTML document, ASCII text, with CRLF line terminators Hashcfbeaf604823f038b8b46f0ac862b98c 7b9eb1dac48e74fa5f418bc456cb410f88b81d98 20c1ab602462b7fc0d5b4cbd555cacf127b69a07a737579598ebcbc0f5b21319
GET /1/23802/radar.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Tue, 07 May 2024 19:44:43 GMT
Content-Type: text/html
Content-Length: 154
Connection: keep-alive
Location: /1707728419/stub.js
Expires: Tue, 07 May 2024 19:54:43 GMT
Cache-Control: max-age=600
Vary: User-Agent,DNT
|
|
| radar.cedexis.com/1707728419/stub.js | 45.54.49.5 | | 271 B |
URL radar.cedexis.com/1707728419/stub.js IP45.54.49.5:0 ASN#63911 NetActuate, Inc
CertificateIssuerDigiCert Inc Subjectradar.cedexis.com Fingerprint33:58:79:8E:87:A5:C3:05:CA:E2:82:50:61:CF:72:83:BD:64:80:C1 ValidityFri, 29 Mar 2024 00:00:00 GMT - Fri, 28 Mar 2025 23:59:59 GMT
File typeJavaScript source, ASCII text Hash82dec77fd0353c7c71ce053b8601387e fbbca95419e1d0c042e0a5fdf10f380aca66188c 39f2b7b0fa78d37d0c84d2d6618bd635d86fd683d9bcdd5729850cb2a62522f7
GET /1707728419/stub.js HTTP/1.1
Host: radar.cedexis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 07 May 2024 19:44:44 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 12 Feb 2024 09:50:42 GMT
Vary: Accept-Encoding
ETag: W/"65c9e9f2-186"
Expires: Tue, 21 May 2024 19:44:44 GMT
Cache-Control: max-age=1209600, public
Content-Encoding: gzip
|
|
| www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2131614808.1715111084>m=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1380963711 | 216.58.207.227 | | 42 B |
URL www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2131614808.1715111084>m=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1380963711 IP216.58.207.227:0
File typeGIF image data, version 89a, 1 x 1 Hashd89746888da2d9510b64a9f031eaecd5 d5fceb6532643d0d84ffe09c40c481ecdf59e15a ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7JGWL9SV66&cid=2131614808.1715111084>m=45je4510v897130004za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3lPl2l1&npa=1&z=1380963711 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 07 May 2024 19:44:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je4510v897130004za200&_p=1715111083179&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2131614808.1715111084&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715111084&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D18069_30365_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D27581_251125_4_6_g88_1999306%26r%3Dru&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=21235 | 216.239.32.36 | 204 No Content | 0 B |
URL POST HTTP/2region1.analytics.google.com/g/collect?v=2&tid=G-7JGWL9SV66>m=45je4510v897130004za200&_p=1715111083179&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2131614808.1715111084&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715111084&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D18069_30365_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D27581_251125_4_6_g88_1999306%26r%3Dru&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=21235 IP216.239.32.36:443
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerGoogle Trust Services LLC Subject*.google-analytics.com Fingerprint93:6B:D2:9D:92:BE:2D:D8:02:67:82:83:5E:EF:A3:F9:13:F3:26:AE ValidityTue, 16 Apr 2024 03:18:45 GMT - Tue, 09 Jul 2024 03:18:44 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-7JGWL9SV66>m=45je4510v897130004za200&_p=1715111083179&_gaz=1&gcd=13l3lPl2l1&npa=1&dma_cps=sypham&dma=1&cid=2131614808.1715111084&ul=en-us&sr=1280x1024&pscdl=noapi&_s=1&sid=1715111084&sct=1&seg=0&dl=https%3A%2F%2F1xlite-461430.top%2Fen%3Ftag%3Ds_1558737m_355c_%255B%255DMS%255B%255Dnull%255B%255Dnull%255B%255Dgeneral%255B%255D18069_30365_d70971_l71502_clickunder%26pb%3Da97213fad9d648e1a13d8fe56a5b07c1%26click_id%3D27581_251125_4_6_g88_1999306%26r%3Dru&dt=1xBet%20%E1%90%89%20Online%20sports%20betting%20%E1%90%89%201xBet%20online%20bookmaker%20log%20in%20%E1%90%89%201xlite-461430.top&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=GTM-5R4MT54&tfd=21235 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://1xlite-461430.top
date: Tue, 07 May 2024 19:44:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash6ec8055bc3af39a422f75d14e755292f 323d53ebcbe560c2ac72210b3743d50fb611d591 ecc0c0245d9b3a260b6a9815cf9e72103167803a88d75fa4e074c4849e2d3c95
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json; charset=utf-8
content-length: 2660
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:45 GMT
vary: Accept-Encoding
x-time-ng: 0.021
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.030
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL GET 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash198882ba742abf44e1a414725bb4bc7f 6449d043383f095e73a7212de8d214b5929cecba 9189d4d89f4332ab32dceba7f68392bb0dad0e6c14eadf874a09c34663593007
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json; charset=utf-8
content-length: 1553
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:45 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.026
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/hd-api/external/api/web/v1/j/57909k0k917d799015fc455c353b4e651b68a2d8e82de9c5c4bd | 178.253.29.51 | | 517 B |
URL 1xlite-461430.top/hd-api/external/api/web/v1/j/57909k0k917d799015fc455c353b4e651b68a2d8e82de9c5c4bd IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashd269bd8f2ee1357421145e751f4dba48 169c15af266e3a0886ae896f5859344149af7825 c5ad02c3eea3b5ee99b7c68cfafe1cfe8f3b6389f32dc3dd65f0667344e769d0
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /hd-api/external/api/web/v1/j/57909k0k917d799015fc455c353b4e651b68a2d8e82de9c5c4bd HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
X-Requested-With: XMLHttpRequest
Content-Type: application/json
Content-Length: 105936
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json
content-length: 517
content-encoding: gzip
traceparent: 00-b6ebc2fe22e649d55762a1a593cf5333-b0d46674914b8930-01
vary: Accept-Encoding
x-dt: 285
x-request-guid: 611ba05ce58e11438792c88687e27c7b
x-time-ng: 0.007
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: dt_total;dur=8.115, wf-uht;dur=0.025
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.5 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash95bc2274e4db67015282bce7d04bb23c 20bd17c32ad568e2dc0bce1f1fa627817b876286 51876652f089889c9fca9110cc237aa05d72767909f9b56dd0c30dcbbaac9a61
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json; charset=utf-8
content-length: 1472
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:45 GMT
vary: Accept-Encoding
x-time-ng: 0.016
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png | 185.244.209.62 | | 5.2 kB |
URL GET v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typePNG image data, 514 x 514, 8-bit colormap, non-interlaced Hashb9a636eef54b2844b571fe7de49184a7 bf653690790ced40eb3189da075a275d951d1607 001bfcdd52b658d46543a1aec889d35b73b3909b47097cc011b95e96fc9e3743
GET /genfiles/cms/1-285/desktop/media_asset/c65c754d498ddb25accb3498c1e7540b.png HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: image/png
content-length: 5202
last-modified: Wed, 28 Feb 2024 07:52:20 GMT
etag: "b9a636eef54b2844b571fe7de49184a7"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
x-cached-since: 2024-04-03T07:12:40+00:00
traceparent: 00-2c418e87b7ed78b8d4bbee70f5198bb3-4d67abeafea2658b-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg | 185.244.209.62 | 200 OK | 28 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1380x248, components 3 Hash92e7a5868a7de2dcfa53b65bbdb98923 a26cfb8240552c368422ea594211d80e2a8aac06 e192736750fa781f44c9af7064b09b5c1acd09a46405315ed61cfe1a50fa5256
GET /genfiles/cms/260/desktop/banner/ef11271d6cef34c1fdb99b2ddff4bdb1.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: image/jpeg
content-length: 27999
last-modified: Thu, 02 May 2024 12:00:34 GMT
etag: "92e7a5868a7de2dcfa53b65bbdb98923"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0123258a4b329ff05598503d7021ed41-82a3484ad968f129-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:41:09+00:00, 2024-05-07T19:44:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | 200 OK | 2.4 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash24adef48767428cc2a7139d933c3b006 f496cd5bb7ec1f19e11d564abe37f66078cdff2f bd5e58f9c1436585f4c50d489ca69f873ca6cc65ad716f6e242d1691eece9a76
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json; charset=utf-8
content-length: 2419
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:45 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 14 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashe0c94639ecbb9dd7a829389f9612a6a4 a1ece67be41e03876a534caffef2ae005544fa12 aca0f07977d663d77b43ab21c563358389a38bbc4fb34da676629acae370cfae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:48 GMT
content-type: application/json; charset=utf-8
content-length: 13837
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:48 GMT
vary: Accept-Encoding
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.030
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | | 4.6 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash0007a96d139a3b7ae5f45c87d3daf179 944dd3d04b929e8aa9e377bee33bfec9ed7356a4 533f29b13e8b674e8f6f288c3ba20576d07b5fb00791d4bc168db05c40f38c54
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:45 GMT
content-type: application/json; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=5
last-modified: Tue, 07 May 2024 19:44:45 GMT
x-time-ng: 0.104
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.112
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg | 185.244.209.62 | | 17 kB |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x248, components 3 Hashebce475967e6d85db5bdbde23e85eff7 496e2c75b549fe82d3f6dfbb3976096e0cae2ae7 6a1892ac412355576c6427f173d8b26757bdf0c8ec3aa149b6d1cfbc97408b9f
GET /genfiles/cms/1/desktop/banner/43b37bcd63883963ab5ca6707fd4ca45.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:50 GMT
content-type: image/jpeg
content-length: 16730
last-modified: Mon, 06 May 2024 09:11:06 GMT
etag: "ebce475967e6d85db5bdbde23e85eff7"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b729d78858a743c9fb3b781ba822d5b0-ed4657a8f065aac6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:51:53+00:00, 2024-05-07T19:44:40+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL GET 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashd6cfe4c8b5fa91ff2bf1b509638b9891 fdd53cea96a59ba55803a738fbd2638e14bbfbbc 1b5323eeda4b760a39d673fd435d6901f2c26878f8f2e16bf6c286a69b4dfd3b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:51 GMT
content-type: application/json; charset=utf-8
content-length: 1552
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:51 GMT
vary: Accept-Encoding
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.5 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashab165b48ce567315e0aa4ac535c0c981 f31163d72315fe7c8a19a8f8c44b251091291666 ed256900c5a8d3f3cfb553a37e13fec80685963c12d732c6df3eb37b1dd94c0b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528915807&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:51 GMT
content-type: application/json; charset=utf-8
content-length: 1472
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:51 GMT
vary: Accept-Encoding
x-time-ng: 0.015
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.023
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 | 178.253.29.51 | | 4.9 kB |
URL 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash07770668139f43e615ab2716a12d41b5 3c22dba2c2665dfc2caaf252f7033f49a88d0ed8 132f6764f6dc1d932a25b1b67aa892b394e90a16bcd47bb49735b727a18d582e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:51 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=50, dt_total;dur=51.427, wf-uht;dur=0.065
traceparent: 00-0ffc7deea0a6313911a6c0c246fff647-6ee05691e58e3d3e-01
x-dt: 285
x-time-ng: 0.051
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 | 178.253.29.51 | 200 OK | 412 B |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash8b7a260655ef056099ed8505b06114f0 66f33894ccc9fc85a0283a0789982c604ef71fc6 9f8e28d259082c262918693510ab649dd54c73f35c781294632e359e4ef74e80
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/WebGetTopChampsZip?lng=en&gr=285&country=137 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:53 GMT
content-type: application/json; charset=utf-8
content-length: 412
cache-control: no-cache
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:53 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.013
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 14 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashe0c94639ecbb9dd7a829389f9612a6a4 a1ece67be41e03876a534caffef2ae005544fa12 aca0f07977d663d77b43ab21c563358389a38bbc4fb34da676629acae370cfae
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:53 GMT
content-type: application/json; charset=utf-8
content-length: 13837
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:48 GMT
vary: Accept-Encoding
x-time-ng: 0.022
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashb1518a6fb58d127f8b58daf901e56ed8 ad42b6e49f18ff884e96d8673a12d64de50e1a0b b3071f01acb1fbefbce355af43fd0c4c8757055bd9032e7305beb7f9d268b48f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:55 GMT
content-type: application/json; charset=utf-8
content-length: 2673
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:55 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.019
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true | 178.253.29.51 | | 2.0 kB |
URL 1xlite-461430.top/service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash3152bf047f7a63c547469eb34162bd63 01526c41b253f96344256115ea32d4555b22e7c2 d0886b2e3921a03f31b46d7fd1a6d7a4f6f6c0d5180398910629bb6124225ed8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetSportsShortZip?lng=en&country=137&virtualSports=true&gr=285&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:55 GMT
content-type: application/json; charset=utf-8
content-length: 2016
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:55 GMT
vary: Accept-Encoding
x-time-ng: 0.061
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.068
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/7b22f4ca03c927ca1e848ce9ab02cbb5.jpg | 185.244.209.62 | | 59 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/7b22f4ca03c927ca1e848ce9ab02cbb5.jpg IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1380x248, components 3 Hash3c551120cdcb3b8cb34b7e88fa69c8c8 f9706e9c69281c88f3429c1ec1c276b51080205e 5074f97fb8c9f81cfd6cc2fd35f94ed096b63c21f495279526f01f58f9b0d538
GET /genfiles/cms/1/desktop/banner/7b22f4ca03c927ca1e848ce9ab02cbb5.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:56 GMT
content-type: image/jpeg
content-length: 59159
last-modified: Mon, 06 May 2024 09:01:15 GMT
etag: "3c551120cdcb3b8cb34b7e88fa69c8c8"
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
x-cached-since: 2024-05-07T14:47:04+00:00
traceparent: 00-e4741e64de42bbf96cca68452c47431a-b752bb1e9efa9bb6-01
x-id: osix-hw-edge-gc4
cache: HIT, REVALIDATED
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/6884.webp | 185.244.209.62 | | 1.4 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/6884.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash4675aff241583e92737ecf4fe2df1c49 79858a163ff9fb5a92473132c67a0d542b2dcdf6 7c6075e3d19715fa0c8bfad733c180f63d564fff020e9a52a1de6d06cef1891e
GET /resized/size24/sfiles/logo_teams/6884.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:56 GMT
content-type: image/webp
content-length: 1356
cache-control: max-age=94608000
content-disposition: inline; filename="6884.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:47:01 GMT
x-request-id: d562c44e30a229e977dc42ddbfecfbaf
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-a85066d7707651e9ce37698ba931472d-86fa39733ec3e8b5-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:47:01+00:00, 2024-05-07T14:48:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size24/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp | 185.244.209.62 | | 1.3 kB |
URL v3.traincdn.com/resized/size24/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image Hash8949b6110d1b5e7d822b11baad2d310f 573124a7802f9de17572de3a996b0b7fc412afb1 5afc0ed272674a365e88564117066ce54cbb8c297b2c4520e2604be8c09008c4
GET /resized/size24/sfiles/logo_teams/3878bf2552540f58b96e9bd1ad4c5048.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:56 GMT
content-type: image/webp
content-length: 1306
cache-control: max-age=94608000
content-disposition: inline; filename="3878bf2552540f58b96e9bd1ad4c5048.webp"
content-security-policy: script-src 'none'
expires: Fri, 07 May 2027 14:47:01 GMT
x-request-id: 62476a6d7fc86e7d0e77b714976f0c84
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0e3a7d507a61aa3e2bd13a9187427c25-ab60478616c6ba0a-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T14:47:01+00:00, 2024-05-07T14:48:33+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js | 185.244.209.62 | | 34 kB |
URL v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typegzip compressed data, max speed, from Unix Hash1131a2dbe974eba7809040b90d649eed d1ddfc1586d8e24a8dd73f37097009ca77d88c14 16623c7a7add2aecbe0e259790bc37bdbfa00ad50a0274fbad7a6ed168ce9e9d
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/0f8a3bdbdd12.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
last-modified: Wed, 01 May 2024 08:21:41 GMT
etag: W/"b49b08255ad6dd3864f907913b849ebe"
x-amz-meta-mtime: 1714551564.667873602
content-encoding: gzip
expires: Thu, 02 May 2024 15:20:56 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-03dcc96dff33493274cacc9f48adb0d6-71ef9e9e55ca43bd-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:56+00:00, 2024-05-07T17:01:37+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 | 178.253.29.51 | 200 OK | 2.4 kB |
URL GET HTTP/21xlite-461430.top/service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash7c2033ad063b30a16dce1b67eaa5bb02 9663d837580c79a3d33d9574acaa883ad9d9e531 1700e50c140e0e8ec0b8da9bb0c2350a8bb6b412251b2e5d851dd30a1242e9e7
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetTopGamesStatZip?lng=en&antisports=66 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:56 GMT
content-type: application/json; charset=utf-8
content-length: 2403
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:56 GMT
vary: Accept-Encoding
x-time-ng: 0.008
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.021
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.6 kB |
URL GET 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hashfa0affbf9590a2a4887fec613d6bd172 5b759c9f0aa03ea17e58d6d807be94bfe50a15e6 10e7da62977f328a682ba10628f9269f6e985ed634cf5ed3dc3f5e7e462757e8
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=528450883&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:57 GMT
content-type: application/json; charset=utf-8
content-length: 1553
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:57 GMT
vary: Accept-Encoding
x-time-ng: 0.014
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.022
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 | 178.253.29.51 | | 4.9 kB |
URL 1xlite-461430.top/web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash07770668139f43e615ab2716a12d41b5 3c22dba2c2665dfc2caaf252f7033f49a88d0ed8 132f6764f6dc1d932a25b1b67aa892b394e90a16bcd47bb49735b727a18d582e
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /web-api/external-api/v3/banners?project_id=285&country_code=NO&language=en&platform=2§ion=6&is_auth=false&limit=100 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:57 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=24, dt_total;dur=25.778, wf-uht;dur=0.037
traceparent: 00-5d38ba91992c6eb196c36b3b60f36fe6-9376ddafd3ea18dc-01
x-dt: 285
x-time-ng: 0.026
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=529224955&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 | 178.253.29.51 | | 1.5 kB |
URL GET 1xlite-461430.top/service-api/LineFeed/GetGameZip?id=529224955&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
Hash50b0090b0a8ff57ffd98b64a43e5e656 ee58ec5c7bd78c41eaa72f1547c5c42677f57944 fa84e82ef86c2ad3356263d498904c14e8e1abecff5d64fcf929c440cf582011
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LineFeed/GetGameZip?id=529224955&lng=en&GroupEvents=true&countevents=50&grMode=4&marketType=1 HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:57 GMT
content-type: application/json; charset=utf-8
content-length: 1468
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:57 GMT
vary: Accept-Encoding
x-time-ng: 0.006
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.014
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true | 178.253.29.51 | | 14 kB |
URL 1xlite-461430.top/service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hash2c0f553a83cb3632b27aef3105b6c1f2 2c3e39fa40aa483e9a0e060a4e5b4d9a4166896c 2e8a77c82cc6cba5a601c2133f4e1cfdcd49b55198c324c99f3fb7d39c89befb
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/Get1x2_VZip?count=20&lng=en&gr=285&mode=4&country=137&virtualSports=true&noFilterBlockEvent=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:58 GMT
content-type: application/json; charset=utf-8
content-length: 13846
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:58 GMT
vary: Accept-Encoding
x-time-ng: 0.019
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=0.029
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true | 178.253.29.51 | | 2.7 kB |
URL 1xlite-461430.top/service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true IP178.253.29.51:0 ASN#202492 Silverhill Group Holding Ltd
Hashb1518a6fb58d127f8b58daf901e56ed8 ad42b6e49f18ff884e96d8673a12d64de50e1a0b b3071f01acb1fbefbce355af43fd0c4c8757055bd9032e7305beb7f9d268b48f
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /service-api/LiveFeed/GetSportsShortZip?lng=en&gr=285&country=137&virtualSports=true&groupChamps=true HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
x-hd: eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJndWlkIjoiWXlOYnJhQXFYSWRrNWQyby9ONHRCRTZhcC9WbGp2TkJBTVVqc2lRdVdxQ2c0TzZ2c1ZoSjVtL2thQXY4a1hScjg4MFVRZHZ1bXpjRjU3VWlvdnd2RDk5aWFpV2gwSXdjYmpGUFBEQU5DbnJnanIvT241RXRJMGNxNnVMWjRQYXhwcEszKysyVWlkRWQ0Nys0Qm9RaS95dkJjcVBXNklsaEdWckFDV1hYUTBBcGZTUWZEZm1xOGw2RmZFaXQ4YzhvOWxHWXpuY0RPcGNyMUJPWFh0aFRKV1cwU0ZwY0RlNWlaUU9jdVYxaFkxcUh0WVZwajd2SHZKNEoybHEwOWNKWkdQM2dxMHVmOU1mWVZta2V2bFI5SWFMaW1BTU5aU1R0TTBlQjdiZG1QY0RpIiwiZXhwIjoxNzE1MTI1NDg1LCJpYXQiOjE3MTUxMTEwODV9.RyF0jSQYDiRohNFjCtLLCD-TB1gYHCwNUgKRq8njEf9q3aZgIApZg5_ZN_ddP3wq2KfbdpP7b5eSLoRi6kZ5Cw
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132; _ga_7JGWL9SV66=GS1.1.1715111084.1.0.1715111084.60.0.0; _ga=GA1.1.2131614808.1715111084
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:45:00 GMT
content-type: application/json; charset=utf-8
content-length: 2673
cache-control: public, max-age=5
content-encoding: br
last-modified: Tue, 07 May 2024 19:44:55 GMT
vary: Accept-Encoding
x-time-ng: 0.011
strict-transport-security: max-age=63072000; includeSubDomains; preload
server-timing: wf-uht;dur=
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp | 185.244.209.62 | | 20 kB |
URL v3.traincdn.com/genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp IP185.244.209.62:0 ASN#199524 G-Core Labs S.A.
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash95767496ab1dce71f394c97620666756 127389c7327fec508549222dd477edbd524e33dd fca493b566204dfff5ef8b8cd6c74c40659c812ac6665696dd5c66c664a31c7e
GET /genfiles/cms/1/desktop/banner/bf26d696b76130d9781b16f89f1de4cc.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:45:01 GMT
content-type: image/webp
content-length: 20522
last-modified: Thu, 08 Jun 2023 18:05:27 GMT
etag: "95767496ab1dce71f394c97620666756"
x-time-ng: 0.006
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-e9fab060c4f150c264e51265df4d9d32-4f3c99444cd491f9-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T19:26:32+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_3.json | 185.244.209.62 | 200 OK | 13 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/betstemplates/bets_model_short_en_3.json IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd4f82c6941872614b6a2c18008e217be d43ea6e3db687b9396c7f6b698561adf298caea8 b78d262cd306517df772f3a5696fd519a9807f2716dfdd0613d416f13e710193
GET /genfiles/cms/betstemplates/bets_model_short_en_3.json HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: application/json
last-modified: Thu, 02 May 2024 09:18:51 GMT
etag: W/"d4f82c6941872614b6a2c18008e217be"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-0f1ccd786bafa26aaf05502e2248b572-8d77df55939b530d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-02T10:05:37+00:00, 2024-05-07T19:14:13+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp | 185.244.209.62 | 200 OK | 15 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image, VP8 encoding, 1380x248, Scaling: [none]x[none], YUV color, decoders should clamp Hash2ccdf625b855ce93bc9b56a671accd6e bc8f3a791f6251b714bafad614d15c477ba428e4 c5012a832581da604a5c57e8f822008f749fe484c6d24127ca91232af71169cd
GET /genfiles/cms/1/desktop/banner/d94c9b1508a286d270c77946ff0972fa.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:40 GMT
content-type: image/webp
content-length: 14610
last-modified: Thu, 08 Jun 2023 09:20:03 GMT
etag: "2ccdf625b855ce93bc9b56a671accd6e"
x-time-ng: 0.002
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-d764af01d8ff92d5a7fa6de57bd03d3e-dedabe9c852f600c-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-02-27T14:22:50+00:00, 2024-05-07T19:26:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg | 0.0.0.0 | | 0 B |
URL GET v3.traincdn.com/genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg IP0.0.0.0:0
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /genfiles/cms/1/desktop/banner/1ef232ab28e984c65ad109ade8b650ed.jpg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js | 185.244.209.62 | 200 OK | 30 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_localforage_PLMWICWN.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (30255) Hashdfa127e93d125d4f6c566203eaf225f2 32c1fd89c4eeed7ac2a942582b3786659b15cd43 cf5077d1cff62ce76807408ebc2203563b7a221ddf1cf38339c6d54289bff390
GET /sys-static/shared-assets/__shared_localforage_PLMWICWN.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:36 GMT
content-type: text/javascript; charset=utf-8
last-modified: Tue, 07 May 2024 09:11:40 GMT
etag: W/"dfa127e93d125d4f6c566203eaf225f2"
x-amz-meta-mtime: 1715072814.257664589
content-encoding: gzip
expires: Wed, 08 May 2024 15:18:12 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-70b3eb81e790d6c95383f71b7b939784-8f7c203e8e34dffc-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T15:18:12+00:00, 2024-05-07T16:01:01+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/339955.webp | 185.244.209.62 | 200 OK | 716 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/339955.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash0a2dddf80adc2d9f1a2e4fcc9324a05c ea9d2086f2215daa3ef1abe7ba4a40fb99b0e76e 158f12448324c1db08214074979b2591bf1a32ee31e0edded585c385c47f8bc8
GET /resized/size16/sfiles/logo_teams/339955.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:37 GMT
content-type: image/webp
content-length: 716
cache-control: max-age=94608000
content-disposition: inline; filename="339955.webp"
content-security-policy: script-src 'none'
expires: Thu, 06 May 2027 10:43:18 GMT
x-request-id: 293b5119a9c0ebf153203c420f6c80df
x-time-ng: 0.040
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-e7414e7055f3193e663cff93c3143e90-3705ed5618e6fe99-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T10:43:18+00:00, 2024-05-06T17:02:57+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/resized/size16/sfiles/logo_teams/5280.webp | 185.244.209.62 | 200 OK | 764 B |
URL GET HTTP/2v3.traincdn.com/resized/size16/sfiles/logo_teams/5280.webp IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeRIFF (little-endian) data, Web/P image Hash32f8342d66192fd28e129ea3a57e0fb6 19ba5daef13566c859c41e303beeef6a8597064d b8a6448a37b92cfb5b786f9f625a418bf7ebc2c9b85be4f03d8b1afe76cff494
GET /resized/size16/sfiles/logo_teams/5280.webp HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:31 GMT
content-type: image/webp
content-length: 764
cache-control: max-age=94608000
content-disposition: inline; filename="5280.webp"
content-security-policy: script-src 'none'
expires: Sat, 05 Dec 2026 03:34:53 GMT
x-request-id: 13e2b2204e1b881427cdabec4d6ff734
strict-transport-security: max-age=15724800; includeSubDomains
x-time-ng: 0.000
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-1d506d4077f137f4bc466a1901722b39-17723323b614e8ef-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-06T03:34:53+00:00, 2023-12-18T08:39:53+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash1ff133ab01d208b0d686dd88d85e239a 86a0501b79a1c553eadc829177a9e6ffff1948be 9ac21c63d1c8b7abe4c94550a731baff995d34c745c1d08fdf8d5e5c8de268f1
GET /genfiles/cms/1-285/desktop/media_asset/3083a20a3f73c30fce38710d7ada9cbb.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:32 GMT
content-type: image/svg+xml
last-modified: Wed, 19 Apr 2023 11:51:30 GMT
etag: W/"3ae81b002dca46d3b732ce3e03ae35c6"
content-encoding: gzip
x-time-ng: 0.000
cache-control: public,max-age=3600,s-maxage=3600
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-400c7ae617071e1ea01293e22ccfd868-798a77938eda11b6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2023-12-18T08:36:11+00:00, 2024-05-07T19:07:24+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg | 185.244.209.62 | 200 OK | 13 kB |
URL GET HTTP/2v3.traincdn.com/sfiles/games-images/game-animations/game-316-animation.svg IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeSVG Scalable Vector Graphics image Hash0db44d13e7a50cd2da8dd47ff024f1cd 719bb6c0f3bd8ebabc6c3f53606affb21fd9a4b7 92690d6a77132101517ef7ee09173a4629fd85ba10a6a25033ba80f7967e8fe7
GET /sfiles/games-images/game-animations/game-316-animation.svg HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:33 GMT
content-type: image/svg+xml
last-modified: Tue, 16 Jan 2024 08:41:20 GMT
etag: W/"0db44d13e7a50cd2da8dd47ff024f1cd"
x-amz-meta-origin-date-iso8601: 2024-01-12T15:48:06.000Z
expires: Tue, 07 May 2024 00:00:59 GMT
cache-control: max-age=86400, public
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-b9c754d36006db2585c0015d7f7170f4-74ae72b0c31a8a64-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T00:00:59+00:00, 2024-05-07T00:43:06+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css | 185.244.209.62 | 200 OK | 1.0 MB |
URL GET HTTP/2v3.traincdn.com/sys-ui/3.2.2/Desktop/Default/client.css IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
Size1.0 MB (1048646 bytes) Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sys-ui/3.2.2/Desktop/Default/client.css HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:33 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 19 Apr 2024 10:16:19 GMT
etag: W/"e4b8405071f7ea0e1aa13cd501543a44"
x-amz-meta-mtime: 1713521458.745453226
content-encoding: gzip
expires: Sat, 20 Apr 2024 11:51:17 GMT
cache-control: max-age=86400
x-time-ng: 0.010
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-dc8867cba0b1fc1079263a63adb8b487-c938d1250a99e25d-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-04-19T11:51:17+00:00, 2024-05-07T14:34:20+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js | 185.244.209.62 | 200 OK | 1.2 kB |
URL GET HTTP/2v3.traincdn.com/_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (1277), with no line terminators Hash3462e5c6e787d841ecbe1a7df5623502 467c0a5c3972dd934619db6b72b55259853dd35f eba1468b09e18bca093bd6eb4d84c697da9cb446f6888955003cd2fa6feaeaee
GET /_nuxt/desktop/default/Page.Betting.Asia.BettingContent-3ca7fb18.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://1xlite-461430.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:27 GMT
content-type: application/javascript; charset=utf-8
content-length: 633
last-modified: Mon, 06 May 2024 10:23:05 GMT
etag: "6638af89-279"
content-encoding: gzip
expires: Tue, 07 May 2024 14:32:12 GMT
cache-control: max-age=86400
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-99b6511b1e032da4a440319f5170ac59-a24467a1484b4321-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-06T14:32:12+00:00, 2024-05-07T15:18:12+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js | 185.244.209.62 | 200 OK | 731 B |
URL GET HTTP/2v3.traincdn.com/sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeASCII text, with very long lines (754), with no line terminators Hash30a02dbaf2c38f72b60d0e8d80d0c56b f96f0961b45be83b8b4c3e0e55d059fa3cd65fd2 50d111fa0623d11309f744fa02049c4d6abe90e8a0ba888e71b5eb4c0536220f
GET /sys-static/sys-betting-app-static/Desktop/Default/44136fa355b3/cb22691ee4d9.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:38 GMT
content-type: text/javascript; charset=utf-8
content-length: 731
last-modified: Wed, 01 May 2024 08:21:42 GMT
etag: "bd6d9e7b07e097eb950f4b8bd6ada2b4"
x-amz-meta-mtime: 1714551564.675873475
expires: Thu, 02 May 2024 15:20:53 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc88
traceparent: 00-a6715751b087c6650c02b5aa1f520182-c9e5614ddbcdaea6-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-01T15:20:53+00:00, 2024-05-07T17:01:36+00:00
accept-ranges: bytes
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js | 185.244.209.62 | 200 OK | 101 kB |
URL GET HTTP/2v3.traincdn.com/sys-static/shared-assets/__shared_chunk_M4D4AAJL.js IP185.244.209.62:443 ASN#199524 G-Core Labs S.A.
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerSectigo Limited Subject*.traincdn.com FingerprintC8:8E:2A:E6:0A:C8:1B:3E:56:D0:F0:37:75:5F:40:9B:EF:44:C8:73 ValidityThu, 02 Nov 2023 00:00:00 GMT - Mon, 02 Dec 2024 23:59:59 GMT
File typeJavaScript source, ASCII text, with very long lines (35828) Size101 kB (100701 bytes) Hash51ddc52774f4e5bd6a6f1c22e9d19674 374c2fbb2b68ad9c28898dfe60da3fd828ccf7c4 642e66ee14ca90b6ff8f91fbfdce400c6834a037dee18a60a72922ea727bb442
GET /sys-static/shared-assets/__shared_chunk_M4D4AAJL.js HTTP/1.1
Host: v3.traincdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Referer: https://v3.traincdn.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:36 GMT
content-type: text/javascript; charset=utf-8
last-modified: Mon, 06 May 2024 13:05:33 GMT
etag: W/"51ddc52774f4e5bd6a6f1c22e9d19674"
x-amz-meta-mtime: 1715000580.87646382
content-encoding: gzip
expires: Wed, 08 May 2024 12:42:07 GMT
cache-control: max-age=86400
x-time-ng: 0.000
strict-transport-security: max-age=15724800; includeSubDomains
access-control-allow-origin: *
x-id-shield: am3-hw-edge-gc89
traceparent: 00-6deeff77446b051daeb2f368a15283ce-b9e13d90eec647f7-01
x-id: osix-hw-edge-gc4
cache: HIT, HIT
x-cached-since: 2024-05-07T12:42:07+00:00, 2024-05-07T12:51:04+00:00
x-shard: osix-shard0-default_443
X-Firefox-Spdy: h2
|
|
| 1xlite-461430.top/web-api/registration | 178.253.29.51 | 200 OK | 3.5 kB |
URL POST HTTP/21xlite-461430.top/web-api/registration IP178.253.29.51:443 ASN#202492 Silverhill Group Holding Ltd
Requested byhttps://1xlite-461430.top/en?tag=s_1558737m_355c_%5b%5dMS%5b%5dnull%5b%5dnull%5b%5dgeneral%5b%5d18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru CertificateIssuerLet's Encrypt Subject1xlite-461430.top FingerprintF3:86:6D:55:32:E5:0A:B1:0E:8B:AB:CE:2B:67:CF:DF:92:2D:F2:91 ValidityTue, 26 Mar 2024 09:15:23 GMT - Mon, 24 Jun 2024 09:15:22 GMT
File typeUnicode text, UTF-8 text, with very long lines (3790), with no line terminators Hash6404887dd8d444876d728785f6314374 0cddac90bc90d8d1e52211d25ea728b96441efb8 783ced4de55511848ae604cd1f938fb701451edc082773f2b0b90cf5e84e3b22
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
POST /web-api/registration HTTP/1.1
Host: 1xlite-461430.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://1xlite-461430.top/en?tag=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder&pb=a97213fad9d648e1a13d8fe56a5b07c1&click_id=27581_251125_4_6_g88_1999306&r=ru
content-type: application/json
x-requested-with: XMLHttpRequest
Content-Length: 17
Origin: https://1xlite-461430.top
DNT: 1
Connection: keep-alive
Cookie: lng=en; cookies_agree_type=3; tzo=3; is12h=0; referral_values=%7B%22type%22%3A%22reflinkid%22%2C%22val%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22additional%22%3A%7B%22name_tag%22%3A%22tag%22%7D%7D; reflinkid=s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder; postback_watcher=%7B%22tag%22%3A%22s_1558737m_355c_%5B%5DMS%5B%5Dnull%5B%5Dnull%5B%5Dgeneral%5B%5D18069_30365_d70971_l71502_clickunder%22%2C%22pb%22%3A%22a97213fad9d648e1a13d8fe56a5b07c1%22%2C%22click_id%22%3A%2227581_251125_4_6_g88_1999306%22%2C%22r%22%3A%22ru%22%7D; platform_type=desktop; auid=sv0dM2Y6hJlz+Iv4AxOUAg==; SESSION=94ef517436a1b9dfa74f5a35809efc70; window_width=1280; che_g=694bcd19-58b0-5098-2365-37aabf41b579; _glhf=1715128846; application_locale=en; sh.session.id=c03732df-f9b6-4e1a-8cb5-c1de7d44c9ca; ggru=132
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Tue, 07 May 2024 19:44:35 GMT
content-type: application/vnd.api+json
vary: Accept-Encoding
cache-control: no-cache, private
server-timing: p;dur=32, dt_total;dur=33.397, wf-uht;dur=0.046
traceparent: 00-74b9cfec8e66db5ded8c92e7c0cede17-e98a7ea185d88fe2-01
x-dt: 285
x-time-ng: 0.033
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
X-Firefox-Spdy: h2
|
|
| widget.suphelper.top/sounds/new-message.mp3 | 104.18.39.72 | 200 OK | 30 kB |
URL GET HTTP/2widget.suphelper.top/sounds/new-message.mp3 IP104.18.39.72:443
Requested byhttps://widget.suphelper.top/ CertificateIssuerGoogle Trust Services LLC Subjectsuphelper.top Fingerprint41:D3:A3:3C:61:71:CC:56:60:F0:BE:CD:81:3B:5D:26:23:49:8D:36 ValidityTue, 26 Mar 2024 09:53:55 GMT - Mon, 24 Jun 2024 09:53:54 GMT
File typeMPEG ADTS, layer III, v1, 192 kbps, 48 kHz, JntStereo Hashef9af24dc7dbd24ffd99c832e1300351 f78744a5013038446c468de14f205f2d52373fd6 5049d7fe87a7327a291441181d1a328a15f46a21081b970502c540406011c9b9
GET /sounds/new-message.mp3 HTTP/1.1
Host: widget.suphelper.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 07 May 2024 19:44:35 GMT
content-type: audio/mpeg
content-length: 29952
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';img-src 'self' data: blob: https://cons-suph.com/file-hosting https://cons-suph.com/file-hosting/;object-src 'none';script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.google.com/recaptcha/ 'report-sample' https://www.gstatic.com/recaptcha/;script-src-attr 'none';style-src 'self' https: 'unsafe-inline';frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/;connect-src 'self' wss: ws: https://cons-suph.com/file-hosting/ https://cdn.jsdelivr.net/npm/@emoji-mart/data@latest/i18n/
x-dns-prefetch-control: off
expect-ct: max-age=0
strict-transport-security: max-age=15724800; includeSubDomains
x-download-options: noopen
x-content-type-options: nosniff
origin-agent-cluster: ?1
x-permitted-cross-domain-policies: none
referrer-policy: no-referrer
x-xss-protection: 0
cache-control: public, max-age=14400
last-modified: Thu, 02 May 2024 07:01:48 GMT
etag: W/"7500-18f381bf786"
cf-cache-status: HIT
age: 3193
expires: Tue, 07 May 2024 23:44:35 GMT
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8803b49dba60b50b-OSL
X-Firefox-Spdy: h2
|
|